I am forwarding a link to a short article by Tim Leech and Lauren Hanlon discussing, as they say, Paradigm paralysis in ERM & internal audit. I am providing you with this article because of the discussion between risk management that first and primarily identifies risk, and one that first starts with the objectives of the enterprise, and then follows with the risks to those objectives.
You might also be aware that soon, perhaps next month in September, COSO will be making available its eagerly awaited ERM update, which could be an important development.
Below is the link to the Leech/Hanlon paper (I do also note that they lost me a little with the sample summary report on the second page of the paper – I prefer reports that very easily speak for themselves – but I have found that sometimes professionals with Tim’s experience tend to write in a manner that is not always the most easy or simple to understand). This is a worthwhile paper – please read it. Dave Tate, Esq., San Francisco and California.
Click to access Risk-Oversight-Solutions-Paradigm-Paralysis-in-ERM-IA-Tim-Leech-Lauren-Hanlon.pdf