Update existing PDs to

include responsibility
for risk-based decison
making Roles and
responsibilities

Update existing
committee charters

Provide risk-based
thinking training to
decision makers

Competencies
Include risk
management
competencies into
existing business Develop a short risk
training programs management policy
structured around
ISO31000 principles
Set up and become a
secratary for the Risk
Committee Develop a very basic
risk management
Policies and procedures framework document,
Present risk related aligned with ISO31000
topics at every
corporate speaking Risk culture
opportunity Identify and fullful any
Risk management 1 (it's
other regulatory or
rm1, so keep it as
shareholder
simple and as quick as
Include risk requirement regarding
Communication possible, this is less
management topics on risk management
than 10% of the effort)
the meeting agendas

Develop a high level risk

Write risk management profile, linking key risks
speaches for executives Risk profile to strategic objectives
at every opportunity (basically a colourful
risk register)

Participate in corporate
events and run own risk Review existing
competitions business policies and
procedures to identify
significant decision
Disclosure information points
about risk-bsed decision
making in the annual
report Add risk analysis to the
significant decision
making procedures
Disclosure information where required
about risk-bsed decision Policies and procedures
Disclosure
making on the
corporate intranet Risk management Develop templates and
implementation provide training to the
roadmap decision makers
Disclosure information
about risk-bsed decision
making on the Agree qualty control
corporate website and decison monitoring
with the internal
auditors on the future
decision risk analysis

Develop a specific risk

analysis methodology
for each decision type

Provide tools to the

decision makers or
Key decisions
Develop quant skills perform risk analysis on
key decisions yourself

Develop soft skills

Competencies Risk management 2 Develop monitoring
metrics for key
Develop a strong decisions (KRIs)
understanding of the
nature of the business
Change the way
uncertainty is
Invest into proper accounted for during
modeling tools planning by moving
away from single point
estimates to ranges
Tools
Automate RM1 if Risk management team Planning and budgeting
possible, most GRC/ERM
products are a waste of Replace traditional
time scenarios run by
finance with more
sophisticated risk
At every opportunity modeling
meet and exchange
ideas with other global
risk managers Use MC simulations to
change how KPIs and
Networking performance targets
Quickly separate RM1 are calculated
Performance
from RM2 risk
management
managers. Spend your
time on RM2 risk Work with HR to
managers monitor KPIs using
ranges