2 min read
Digital technology and software for risk management
Digital technologies can be a powerful tool for organizations to identify, assess, and control risks. These technologies can help...
6 min read
Risk Management for the Modern Business: A Comprehensive Guide to Enterprise Risk Assessment
You have a lot on your plate as a CEO or senior executive. Numerous factors, from staying competitive to attracting and retaining top...
4 min read
The implications of the reproducibility crisis for risk management
The COVID-19 pandemic has accelerated several emerging trends, including: The widespread adoption of remote work, or working from home,...
5 min read
How to implement ISO31000 Risk Management Standard
Understanding, let alone managing risk, can often feel like hanging on by your fingertips. But it doesn't have to be that way. By...
4 min read
Peter Drucker was wrong
"What gets measured gets managed." - Peter Drucker [1] Like many cliches, "what gets measured gets managed" is correct enough to be...
7 min read
What's wrong with quantitative risk assessment?
Quantitative risk assessment (QRA) is a practical approach for evaluating and analyzing risk. Some proponents of QRA argue that it is the...
3 min read
Existential Risk as a Process
In Ernest Hemingway’s novel The Sun Also Rises, a passage in which a character named Mike is asked how he went bankrupt. “Two ways,” he...
6 min read
Some risk(y) thoughts
Let's start with the three most common errors when doing a risk assessment: Inadequate risk identification. Will the real risk please...
6 min read
Risk Management for Executives and Company Directors
I have put all my intelligence and effort into some beautifully crafted risk assessments over my years as a practitioner and I've been...
14 min read
The Psychology of Risk
“There is no dearth of evidence in everyday life that people apprehend reality in two fundamentally different ways, one variously...
2 min read
How to operationalize risk management
TL;DR: It's about culture. If you have to 'operationalize' risk management, whatever you're doing isn't risk management. Risk management...
2 min read
(ISC)2 Black Swan Extinction Presentation
I've just finished giving a presentation at the ISC2 2021 Security Congress and several people asked for a copy of the slides. I hope...
3 min read
How to find a risk management consultant
The search for the elusive subject matter expert - how to find a risk management consultant when you need one.
2 min read
How to find money for risk treatments
We all want better risk management but how do you convince people to pay for it? That question turned into a book and series of articles.
10 min read
What is the problem with Enterprise Risk Management (ERM)?
I've written about my version of what a fully featured enterprise risk management (ERM) system should, or at least could, look like....
6 min read
Three Steps To Deal With Uncertainty Without Killing Yourself In The Process
In 30 years of crisis management I can distill the success factors down to three things. Scenarios, lead indicators, and Plan Bs.
4 min read
How To Use A Risk Matrix
If you want to (or have to) use a risk matrix, here are some pitfalls to minimize the problems and maximize the benefits.
2 min read
The future of enterprise and risk management?
Imagine a system that monitors inputs, processes and outputs, tracking culture, and organizational behaviors.
6 min read
Risk BowTie Method
Bow-Tie is one of the simplest but most helpful risk management tools in the risk management arsenal. And it's highly visual.
3 min read
How to measure ALARP
ALARP (As Low As Reasonably Practicable) is a fundamental concept in risk management, as it should be in life in general. It expresses...