Home • Articles • News

Risk management is more than buying insurance coverage, it is taking a pro-active role in the many areas of risk awareness and managing the business to reduce or eliminate risks.

The first step to making improvement is to investigate and understand your company’s risk management approach. To assess the effectiveness of control, an organization may find it helpful to express the criteria as questions tailored to its circumstances. The following is a simple example of questions a group might use to conduct a self-assessment:

• Do you have an emergency preparedness plan?

• Is Your Company's Data secure?

• Do You Have A Data Recovery System?

• Do you have a regular offsite backup system in place?

• Do you have written polices and procedures?

• Does your company have business insurance coverage?

• Do you know your cost of risk?

• What you are paying in losses, insurance premiums, broker fees, and administration costs? How do these costs relate to other forms of risk like strategic, operational, financial etc., confronting the organization?

• Do you monitor external and internal environments in order to obtain information that may signal re-evaluations of the objectives or control?

• Do you monitor performance against targets identified on your plan?

• Do you reassess information needs and information systems to identifying reporting deficiencies?

• Do you follow-up procedures to ensure appropriate change or action?

• Do you periodically assess the effectiveness of control and communicate the results to those accountable?

• Do you have the right people, skills, tools and resources?

• Is there prompt communication of mistakes, bad news, etc. to information people who need to know, without fear of reprisal?

• Is there adequate information to allow you to perform your tasks?

• Are your actions coordinated with the rest of the organization?

• Do you have the procedures and the processes to help ensure achievement of your objectives?