ARPI has released a guide to the Commonwealth Risk Management
Policy.
The guide has been prepared by an ARPI Associate who is a Chief
Risk Officer and wishes to
offer suggestions on how the Commonwealth’s Risk Management
(Operational) Policy could be more
effective from a risk management perspective. Thus the views
expressed focus on risk management.
The Guide to the Commonwealth Risk Management Policy is
available here or via
the Publications Page under ‘C’
------------------------------------------------------------------------
Please note the comments! We
must look critically at everything. (ZB)
Being published does not make something
right.
-------------------------------------------------------------------
Interestingly the document has been
drafted as if it is a template where the risk manager using
it could simply replace the field "<Organisation Name>"
in the paper with their associated institution name. A cut
and paste of risk management policy if you prefer, although I
trust few people worth their salt would treat a risk
management guideline in such a way.
Apart from all of this, the document seems to focus
on Risk Assessment Matrix methods which is something the
world of risk management needs to progress beyond
AND then there is this on risk
appetite: "<Organisation Name> will not accept risks
with a risk level of Very High or Extreme and requires
all risks to be controlled so that no risk levels are
greater than High." Oh dear me, this is so wrong on so many
levels. I know I am coming across as a negative today
and sorry for that, but this
document is a FAIL in my opinion. (edited)
Social networks