I’m pleased to announce that I have been asked to present at the Cyber Risk North America conference on 15-16 March in NY. Its offered in conjunction with OpRisk North America where I presented last year.
I will be presenting on the theme of assessing quality using Risk Forecast Accuracy (a topic that was the subject of our article in the February ISSA Journal). Come for a great session on the practical approach of creating and measuring the accuracy of the rating tables for your organization. I’m scheduled to speak on the second day at the 11:40AM session.
In this month’s ISSA Journal, my colleagues and I wrote about Risk Forecast Accuracy. This is a practice that all mature risk functions should pursue and we offer an approach that is relatively straightforward and practical in its application.
If we accept that risk is a statement about the future, then its important to also measure how well we did at forecasting these bad things. Its a job that requires staying up to date on what is happening in the industry and to what extent it will apply to your specific organization. It provides not only a good measure of how well you did, but also a foundation upon which you can base what your risk should be going forward.
Risk work is never complete; continuous improvement should be our goal. Embrace being incomplete.