FSA writes to firms regarding IT Risk Management in the wake of recent failures

Today the FT is reporting that the FSA has written to the Chairman of the UK’s nine largest banks and building societies regarding the robustness of their IT Infrastructure and demanding the names of the individuals who will be held accountable for any IT failures.

The FSA’s actions are not surprising given the recent IT failures seen at RBS however it does raise yet another challenge for firms as they review their approach to IT Risk Management and seek the ways and means to incorporate ‘IT Risk Management’ into their wider Risk Management agenda.

In this blog post we set out how how the Stratex solution can assist firms to meet the challenge of driving forward their IT Risk Management framework, and importantly how this can be done as part of wider Enterprise Risk Management framework.

Read More

A key role of a board is…

“A key role of a board is to set the basic goals for a firm’s strategy and to ensure that they are within the agreed risk appetite. This requires that a board assure itself that a detailed consideration of risks is part of the process of considering future strategy” - The failure of the Royal Bank of Scotland, Financial Services Authority Board Report, December 2011

ISO31000 - Risk Management Principles

Risk management creates and protects value.

Risk management contributes to the demonstrable achievement of objectives and improvement of performance in, for example, human health and safety, security, legal and regulatory compliance, public acceptance, environmental protection, product quality, project management, efficiency in operations, governance and reputation.

Risk management is an integral part of all organizational processes.

Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. Risk management is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.

Risk management is part of decision making.

Risk management helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.

Read More

Five principles for creating a strategy-focused organization

Principle 1: Translate the strategy into operational terms

This principle comprises two sub-components: Strategy Maps and Balanced Scorecards that together describe the strategy and its implementation. It is by translating strategy into the logical architecture of a Strategy Map and a Balanced Scorecard that organizations create a common, understandable point of reference for everyone.

Principle 2: Align the organization to the strategy

Synergy is the overarching goal of organization design. Organizations consist of numerous sectors, business units and specialized departments, each with its own strategy. For organizational performance to become

Read More

Webinar - Integrating Risk Into Your Balanced Scorecard - 27th Sept

{EAV:05b43a793e5f9f54}

Join Andrew Smart, the CEO of StratexSystems, as he presents a one-hour webinar on integrating Risk into Your Balanced Scorecard. He will explain the important role a Balanced Scorecard has to play in a risk management framework, how to use the Balanced Scorecard to set the context for your risk management initiative and how create alignment within your organisational culture through risk appetite, accountabilities and alignment matrix.

To effectively Integrate Risk into Your Balanced Scorecard, technology is critical. Andrew will demonstrate how your organisation can take advantage of its SharePoint investment to deliver an Integrated Risk into Your Balanced Scorecard.

Register here

Webinar - Shaping Your Culture Via Risk Appetite - 18th Oct

Join Andrew Smart, the CEO of StratexSystems, as he presents a one-hour webinar on Shaping Your Organisational Culture via Risk Appetite. He will explain briefly explain risk appetite and how it can be linked into the overall strategy and risk management process of an organisation. He will then go on to explain how Risk Appetite statements work alongside Vision statements, creating the right ‘tone from the top’, and how that can be cascaded through the organisation in the form of Risk Tolerances and KRIs.

The webinar will conclude with a demonstration of how to enable and embed change leveraging your SharePoint investment.

Register here

Webinar - Managing With KPIs & KRIs - 1st Nov

Join Andrew Smart, the CEO of StratexSystems, as he presents a one-hour webinar on Managing with KPIs and KRIs. During this webinar He will explain the how to incorporate KPIs and KRIs into a integrated Strategy Execution and Risk Management framework, he will explain how to use these different types of indicators together in a Strategy Map to develop a forward looking view of strategy and risk, and he will outline why using a RAGAR approach for monitoring indicator status is preferable to a traditional RAG approach.

The webinar will conclude with a practical demonstration of how organisation can leverage their investment in SharePoint to effective roll-out KPIs and KRIs across their organisation.

Register here

What is SharePoint?

Many people will be familiar with SharePoint as a place to store their documents and as their internet site, maybe providing a team or project with a specific workspace to enable collaboration. For many organisations delivering internet sites and document management is SharePoint’s role, however this underrates, and risks underutilising SharePoint.

As the diagram below shows, SharePoint is

Read More

Banks 20 years behind in risk management…

Since we started developing the Risk-Based Performance Management approach, back in late 2006/07, we have been consistently saying that the way the financial services sector manages both strategy execution and risk management needs to be improved.

Now Corven Consulting has released a research report that found Banks are 20 years behind the aviation industry in managing risk. This finding and other key points from the report, below simply reinforce our belief that there is significant room for improvement in strategy execution and risk management.

Key points from the report are, based on 60% of the

Read More