Sean Lyons is the principal of Ireland-based R.I.S.C. International and a recognized corporate defense strategist. Lyons advocates that corporate defense should play a greater role in corporate strategy. In recent years his work, which includes a heck of a lot of writing (some of which I link to in our chat below) has focused on the design and development of corporate defense program blueprints.

Eric Krell: Sean, we met, virtually, two months ago when you responded to an entry in this blog. When I Googled you (a 21st-century reflex), I discovered that you have invested significant thought (and research) in risk management.

In fact, you’re the architect of a cross-functional discipline you refer to as “Corporate Defense Management” (CDM). Please tell me why and how you conceived of CDM … more

In late March, I chatted with OpenPages’ Gordon Burnes about Toyota’s risk management issues and whether or not Kermit the Frog is a good fit for a chief risk officer position (he’s not, Burnes asserts).

This month, we picked up the chat while discussing how tone at the top should be expressed; how risk appetites are stated and communicated; and how key risk indicators can cure “alarm fatigue.”

Eric Krell: This begs the question: Who should be the risk manager then … Miss Piggy? Animal?

Certainly someone with the clout and courage (and karate chop) to surface bad news, right?

In fact, that marks a distinguishing characteristic, if earlier news reports are to be believed, between pre-crisis Goldman Sachs and pre-crisis banks that were crushed by the financial crisis. Goldman’s chief risk officer came from the trading floor and had the background, credibility and authority to raise questions. … Here, I think you are saying that tone at the top is a must, but you’re also pointing to the importance of the middle and lower levels of the organization – which is where technology can help to enforce risk-culture-building behaviors. I like the example of the organization that requires actions on risk-rating of “3,” which sounds like a “yellow” issue.

Here’s my question: How do organizations avoid risk-management burnout? Or, more precisely, what are some of the ways in which you see organizations achieving a healthy balance between taking too little action in response to risks and overreacting to risks? more

What the Heck is CCM?

It’s a YouTube video that defines continuous controls monitoring (CCM) and describes the activity’s value.

Additional continuous monitoring insights and examples are available here and here. ###

PricewaterhouseCoopers recently released its 6th annual “Global State of the Internal Audit Profession” survey. I chatted with Brian Brown, PwC’s IA advisory services leader, to get a taste for the survey results and to have him describe “Internal Audit 2.0.”

Eric Krell: What do you see as some of the key qualities, capabilities, and/or characteristics of Internal Audit 2.0?

Brian Brown: We use an analogy with Internet 2.0 as the logical next generation for internal audit. Internal Audit 2.0 it is more aligned, collaborative, and technology-enabled. By that we mean more aligned with critical risks and stakeholder expectations, more collaborative with other risk and compliance functions, and better able to leverage technology to drive efficiency in the audit process. more

Anna Bernasek’s financial journalism has appeared in the Washington Post, New York Times, Time, and other leading publications. She has a new book out titled The Economics of Integrity (HarperStudio, 2010).

I recently chatted with Bernasek about organizational integrity and trustworthiness. I appreciate how she breaks down the “DNA of integrity” into three strands: disclosure, norms, and accountability. Here’s our RiskChat:

Eric Krell: Anna, thanks for taking the time to chat. What first struck me about your book – aside from its title – is that you begin with the milkman. Why did you view the way milk is produced and delivered as an example of the economics of integrity? And, what, if anything, can we who make content, financial services products, widgets, and other products and services learn from the milkman? more