Effective Approaches to “Bringing the Pain” With Risk Management

Chuck Norris PainJust a quick note about this month’s column (available here).

I’m getting the sense from the risk and control professionals I’ve spoken with recently that there is a greater realization of the separation of duties incumbent upon risk functions. In this piece, I briefly discuss how to use reporting to make this clear, and drive an increase in control posture across your organization.

This being the goal setting time of year, its also worth noting that you shouldn’t be committing to increasing control strength unless you are really the owner of a control. Otherwise, I’d recommend using phrases like “better inform,” “make aware,” “increase awareness,” etc. It more accurately represents the role you play.


(Yes, that’s Chuck Norris in the eponymous 2009 game, because nothing says “effective IT risk management” like Chuck Norris!)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: