Post on 06-Feb-2018
285
Notes
Chapter 1
1 Fredrick W. Taylor, Principles of Scientific Management, Harper & Brothers,1911
2 See the W. Edwards Deming Institute, http://deming.org/3 Professor Henry Mintzberg, The Fall and Rise of Strategic Planning,
Harvard Business Review, JanuaryFebruary 19944 James Creelman, The Finance Function: Achieving Performance Excellence
in a Global Economy, Business Intelligence, UK, 20095 Globalization and the Changing UN Economy by the UKs Department
for Business Enterprise and Regulatory Reform, February 20086 The 2011 Financial Times Global 500 Index, Financial Times, UK7 Peter Hemington, The New Economic World Order: A Multipolar World
Emerges, Transitions, BDO, May 20108 The Centre for Future Studies, Insights into the Post Recession Business
Environment, Transitions, BDO, February 20109 BBC News, July 31, 2009
10 Andrew Pierce, The Queen Asks Why No One Saw the Credit CrunchComing, The Telegraph, November 5, 2008, UK
11 Best Practice in Risk Management: A Function Comes of Age, EconomistIntelligence Unit, UK, 2007
12 IMF Global Financial Stability, IMF, April 200613 Climbing out of the Credit Crunch, Association of Chartered Certified
Accountants, 2008, USA14 Risk Management is Dead . . . Long Live Risk Management, the Business
Continuity Institute, UK, 200915 Ronan OSullivan and Ross McNaughton, New UK Corporate Governance
Code, Paul Hastings: Stay Current, June 2010
Chapter 2
1 Zachary A. Goldfarb and Lisa Rein, JPMorgan Chase Execs May Departas CEO Jamie Dimon Acknowledges Terrible, Egregious Mistake onTrading, The Washington Post, May 2012, USA
286 NOTES
2 Andrew Smart, At the Intersection: An Investigation into the Integrationand Alignment of the Balanced Scorecard with Operational Risk Man-agement Frameworks to Enhance Strategic Execution in the UK FinancialServices Industry. MBA Dissertation, Henley Management College, UK,2006
3 Global Risk Management Study, Accenture, 20114 Dr Robert Kaplan and Dr David Norton, Measures That Drive Perfor-
mance, Harvard Business Review, January/February 19925 See as examples, Dr Robert Kaplan and Dr David Norton, The Balanced
Scorecard: Translating Strategy into Action, Harvard Business School Press,1996 and Creating the Strategy-Focused Organization, Harvard BusinessSchool Press, 2001
6 Adrian Cadbury, Financial Aspects of Corporate Governance, 1992, seehttp://www.ecgi.org/codes/documents/cadbury.pdf
7 Attributed to Peter Drucker8 Financial Times, August 2012, quoted from Risk Culture: Under the
Microscope Guidance for Boards, Institute of Risk Management, UK, 20129 Financial Times, August 2012, quoted from Risk Culture: Under the
Microscope Guidance for Boards, Institute of Risk Management, UK, 2012
Chapter 3
1 Dr Robert Kaplan and Dr David Norton, The Balanced Scorecard: Mea-sures That Drive Performance, Harvard Business Review, January/February1992
2 See as examples, Dr Robert Kaplan and Dr David Norton, The BalancedScorecard: Translating Strategy into Action, Harvard Business School Press,1996 and Creating the Strategy-Focused Organization, Harvard BusinessSchool Press, 2001
3 Dr Robert Kaplan and Dr David Norton (op. cit.)4 Research by Fortune Magazine, Quoted in Dr Robert Kaplan and Dr David
Norton, Measures That Drive Performance, Harvard Business Review,January/February 1992
5 Dr Robert Kaplan and Dr David Norton, Creating the Strategy-FocusedOrganization, Harvard Business School Press, 2001
6 Dr Robert Kaplan and Dr David Norton, The Execution Premium: LinkingStrategy to Operations for Competitive Advantage, Harvard Business SchoolPress, 2009
7 Darrell Rigby and Barbara Bilodea, Management Tools & Trends, Bain &Company, 2011
8 Aaron Crabtree and Gerald DeBusk, The Effects of Adopting the Bal-anced Scorecard on Shareholder Returns Advances in Accounting, USA, June2008
NOTES 287
9 See, as examples, Bernard Marr and James Creelman, More with Less:Maximizing Value in the Public Sector, Palgrave Macmillan, 2011. NareshMakhijani and James Creelman, Creating a Balanced Scorecard for aFinancial Services Organization, John Wiley & Sons, Asia, 2011
10 Professor Robert Kaplan, blog entry, December 200811 The SarbanesOxley Act, 2002, see www.soxlaw.com/12 Enterprise Risk Management: Integrated Framework, The Committee of
Sponsoring Organizations of the Treadway Commission, 200413 Standards Australia and Standards New Zealand, and New Zealand Stan-
dards of Risk Management: AS/NZ 4360:2004, Risk Management,Australia, 2004
14 The Orange Book: Management of Risks Principles and Concepts, HerMajestys Treasury, UK, 2004
15 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-tional Organization for Standardization, 2009
16 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-tional Organization for Standardization, 2009
17 Andrew Smart, At the Intersection: An Investigation into the Integrationand Alignment of the Balanced Scorecard with Operational Risk Man-agement Frameworks to Enhance Strategic Execution in the UK FinancialServices Industry. MBA Dissertation, Henley Management College, UK,2006
18 Professor Kaplan first shared his developing ideas in a series of articles thatappeared in the Balanced Scorecard Report, most notably in 2009
19 In Kaplan and Nortons January 2012 article The Future of the BalancedScorecard, published in the US CGMA Magazine
20 In the June 2012 edition of the Harvard Business Review Kaplan, alongwith Harvard Business School Assistant Professor Annette Mikes, publishedthe article Managing Risks: A New Framework
21 Nelson D. Schwarz and Jessica Silver-Greenberg, JPMorgan Was WarnedAbout Lax Risk Controls, New York Times, June 3, 2012
Chapter 4
1 See Sun Tzu, The Art of War, Special Edition, translated and annotated byLionel Giles, El Paso Norte Press, 2005
2 Quoted from Lizwe Nikala, Long Range Strategic Thinking Ability, WhyCEOs Must Have It, Entrepreneur Magazine, February 2, 2012, SouthAfrica
3 Dr Robert Kaplan and Dr David Norton, The Balanced Scorecard: Trans-lating Strategy into Action, Harvard Business School Press, 1996
4 Michael Porter, What Is Strategy? Harvard Business Review, 20065 Michael Treacy and Fred Wiersema, Customer Intimacy and Other Value
Disciplines, Harvard Business Review, 1993
288 NOTES
6 W. Chan Kin and Renee Mauborgne, Blue Ocean Strategy: How to CreateUncontested Market Space and Make the Competition Irrelevant, HarvardBusiness School Press, 2005
7 Ukerto Moti, Aligning Human Capital to Execute CorporateStrategy for Public Sector Growth and Service Excellence, see http://www.academia.edu/283841/Aligning_Human_Capital_to_Execute_Corporate_Strategy_for_Public_Sector_Growth_and_Service_Delivery
8 Working paper on Risk Culture: Guidance from the Institute of RiskManagement, Institute of Risk Management, UK, June 2012
9 Dr Larry Rittenberg and Frank Martens (op. cit.)10 See http://www.reputationinstitute.com/thought-leadership/global-
reptrak11 Dr Larry Rittenberg and Frank Martens, Understanding and Communi-
cating Risk Appetite, the Committee of Sponsoring Organizations of theTreadway Commission, January 2012
12 The Failure of the Royal Bank of Scotland, Financial Services Authority,UK, December 2011
13 Dr Larry Rittenberg and Frank Martens (op. cit.)14 Enterprise Risk Management: Integrated Framework, the Committee of
Sponsoring Organizations of the Treadway Commission, 200415 Dr Larry Rittenberg and Frank Martens (op. cit.)16 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-
tional Organization for Standardization, 200917 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-
tional Organization for Standardization, 200918 The British Standards institution, BS31100:200819 Dr Larry Rittenberg and Frank Martens (op. cit.)20 Dr Larry Rittenberg and Frank Martens (op. cit.)21 A. Osterwalder, Yves Pigneur, Alan Smith, and 470 practitioners from 45
countries, Business Model Generation, Business Model Foundry, 201022 Dr Larry Rittenberg and Frank Martens (op. cit.)23 Research into the Definition and Application of the Concept of Risk
Appetite, Marsh and the University of Nottingham, UK, October 2009
Chapter 5
1 Martha Lagace, The Office of Strategy Management, Q&A with ProfessorRobert Kaplan, Harvard Business School, Working Knowledge, Arch 27th2006, Harvard Business School Press, USA
2 Attributed to Professor Albert Einstein3 Attributed to Peter Drucker4 Attributed to Peter Drucker5 See James Creelman, Building a Strategic Balanced Scorecard, Business
Intelligence, UK, 2003
NOTES 289
6 Strategic Performance Management in Government and Public SectorOrganizations, Advanced Performance Institute, UK, 2008
7 Bernard Marr and James Creelman, More with Less, 2011 PerformanceChallenges for the UK Public Sector, Advanced Performance Institute, UK,2011
8 James Creelman and Jonathan Chocqueel-Mangan, Reinventing Budgetingand Planning for the Adaptive Organization, Business Intelligence, UK,2006
9 James Creelman and Jonathan Chocqueel-Mangan (op. cit.)10 Dr Robert Kaplan and Dr David Norton, The Balanced Scorecard: Measures
That Drive Performance, Harvard Business School Press, 1996
Chapter 6
1 see www.shiftinpartners.com2 James Creelman, Building a Strategic Balanced Scorecard, Business Intelli-
gence, UK, 20033 Fra Lucs Bartolomeo de Pacioli, Summa de Arithmetica, Geometrica,
Poroportioni et Proportionaltie, 1494, Italy. Version: Universidad Auto-noma de Nuevo Leon, 1991
4 See http://www.thehackettgroup.com/
Chapter 7
1 Quoted from ERM History, Druml Group: see http://www.druml.com/management-advisory/enterprise-risk-management/erm-history/
2 Basel II The second of the Basel Accords, Basel Committee on BankingSupervision, 2004
3 See http://www.isixsigma.com/tools-templates/cause-effect/determine-root-cause-5-whys/
4 See http://en.wikipedia.org/wiki/Ishikawa_diagram5 Enterprise Risk Management: Integrated Framework, the Committee of
Sponsoring Organizations of the Treadway Commission, 20046 Strengthening Enterprise Risk Management for Competitive Advantage,
The Committee of Sponsoring Organizations of the Treadway Commis-sion, 2009
7 Risk Management: Principles and Guidelines, ISO31000-2006, ISO 20098 Risk Management: Principles and Guidelines, ISO31000-2006 (op. cit.)9 Oxford Dictionary, see http://oxforddictionaries.com/
10 Strengthening Enterprise Risk Management for Competitive Advantage(op. cit.)
11 Dr Larry Rittenberg and Frank Martens, Understanding and Communi-cating Risk Appetite, the Committee of Sponsoring Organizations of theTreadway Commission, January 2012
290 NOTES
12 Internal Control Integrated Framework, the Committee of SponsoringOrganizations of the Treadway Commission
Chapter 9
1 Adrian Cadbury, Financial Aspects of Corporate Governance, 1992, seehttp://www.ecgi.org/codes/documents/cadbury.pdf
2 The Greenbury Report on Directors Remuneration, Confederation ofBusiness and Industry, UK, 1995
3 Nigel Turnbull, Internal Control: Guidance for Directors on the Com-bined Code, London Stock Exchange for listed companies, 1999 (revisedguide published in 2005)
4 Climbing out of the Credit Crunch, Association of Chartered CertifiedAccountants, 2008, USA
5 The Corporate Governance Lessons from the Financial Crisis by GrantKirkpatrick
6 The Failure of the Royal Bank of Scotland, Financial Services Authority,UK, December 2011
7 Senior Supervisors Group Risk Management Lessons from the Global BankingCrisis of 2008
8 Ernst & Youngs 2010 report Making Strides in Financial Services RiskManagement
9 The UK Corporate Governance Code, 2010, Financial Reporting Council,UK, 2010
10 The King Committee on Corporate Governance: The King Report onCorporate Governance I, The Institute of Directors, South Africa, 1994
11 The King Committee on Corporate Governance: The King Report onCorporate Governance II, The Institute of Directors, South Africa, 2002
12 The King Committee on Corporate Governance: The King Report onCorporate Governance III, The Institute of Directors, South Africa,1994
13 Corporate Governance Principles and Recommendations, The ASX Corpo-rate Governance Council, Australia, March 2003
14 OECD Principles of Corporate Governance, Organisation for EconomicCo-Operation and Development, 2004
15 The SarbanesOxley Act, 200216 OECD Principles of Corporate Governance (op. cit.)17 Dr Roger Barker, Responding to the Crisis, The Corporate Governance
Perspective, Institute of Directors, UK, September 200918 Research into the Definition and Application of the Concept of Risk
Appetite, Marsh and the University of Nottingham, UK, October 200919 National Association of Corporate Directors Blue Ribbon Commission
report, Risk Governance: Balancing Risk and Rewards
NOTES 291
Chapter 10
1 Financial Times, August 2012, quoted from Risk Culture: Under theMicroscope Guidance for Boards, Institute of Risk Management, UK, 2012
2 Attributed to Peter Drucker3 Andrew Smart, At the Intersection: An Investigation into the Integration
and Alignment of the Balanced Scorecard with Operational Risk Man-agement Frameworks to Enhance Strategic Execution in the UK FinancialServices Industry. MBA Dissertation, Henley Management College, UK,2006
4 Ernst & Youngs 2011 research paper Making Strides in Financial ServicesRisk Management
5 Citigroups Chief Executive, Charles O. Prince said in July 2007, As longas the music is playing, youve got to get up and dance. Were still dancing.
6 Risk Management in a Time of Global Uncertainty, Harvard BusinessReview Analytic Services, Harvard Business School Publishing, USA, 2011
7 Risk Culture: Under the Microscope Guidance for Boards, The Institute ofRisk Management, 2013
8 Understanding and Articulating Risk Appetite, KPMG, 20099 Understanding and Articulating Risk Appetite (op. cit.)
10 Lord David Walker, A Review of Corporate Governance in UK Banks andOther Financial Industry Entities, HM Treasury, UK, 2009
11 Making Strides in Financial Services Risk Management, Ernst & Young,2011
12 Making Strides in Financial Services Risk Management (op. cit.)13 Research into the Definition and Application of the Concept of Risk
Appetite, Marsh and the University of Nottingham, UK, October 200914 Understanding and Articulating Risk Appetite (op. cit.)15 Risk Management: Principles and Guidelines, ISO31000-2006, ISO 200916 See www.senndelaney.com
Chapter 11
1 The Gartner Group, 2011, see http://thisiswhatgoodlookslike.com/2012/06/10/gartner-survey-shows-why-projects-fail/
2 Quoted from Robert Miller, Only a Matter of Time Before the SpreadsheetsHit the Fan, Daily Telegraph, UK, June 30, 2005
3 See, for example, The Use of Spreadsheets: Considerations for Section4 404of the SarbanesOxley Act, PricewaterhouseCoopers, July 2004
4 John Carney, Barclays Spreadsheet Error Results in Lehman Chaos, BusinessInsider, October 16, 2008
5 Grenville J. Croll, Spreadsheets and the Financial Collapse, European Spread-sheet Risks Interest Group, 2009
292 NOTES
Chapter 12
1 Enterprise Risk Management: Integrated Framework, the Committee ofSponsoring Organizations of the Treadway Commission, 2004
2 Capability Model Maturity Model, Carnegie Mellon University SoftwareEngineering Institute, USA
3 Jim Collins and Jerry Porras, Built to Last: Successful Habits of VisionaryCompanies, HarperCollins Publishers, 2002
4 Jim Collins and Jerry Porras, Good to Great: Why Some Companies Make theLeap . . . and Others Dont, HarperCollins Publishers, 2001
5 A. Osterwalder, Yves Pigneur, Alan Smith, and 470 practitioners from 45countries, Business Model Generation, Business Model Foundry, 2010
293
Index
Note: The letters f , n and t following locators refer to figures, notesand tables.
ABN AMRO acquisition, 956ACCA, see Association of Chartered
Certified Accountantsadvanced measure approach, 169Advanced Performance Institute, 122Advances in Accounting, 69Aerospace supplier, 18990aggregated objective score, 148aligning risk-taking, 21314alignment, benefits of, 1656AMA, see advanced measure
approachAmerican Accounting Association, 71API, see Advanced Performance
Instituteappetite alignment matrix, 38f, 47,
117, 138, 192, 2039, 21213,240, 255, 258, 276collective gut feel, 208competitive advantage, 208cost of controls, 209exposure alignment matrix, 206fexposure zones, 206optimal zone, 2067over-exposed zone, 207RBPM approach, use of, 208under-exposed zone, 2078
appetite alignment process, 20913appetite alignment matrix, 21213business drivers, 210business performance, 211key risks, 212misalignments, 213
monitoring, 213review, 213risk appetite, 211risk assessment, 212steps, 20910strategic objectives, 210
appetite and managing performance,202
appetite and managing risk, 203appetite and set strategy, 202appetite, strategic importance,
94100Arab Spring, 2The Art of War, 867Ashghal, 5661
corporate strategy map, 57f, 139initiative sheet used by, 60fthree themes of outsourcing and
delivery, 61Association of Accountants and
Financial Professionals in Business,71
Association of Chartered CertifiedAccountants, 19, 21617
ASX Corporate Governance Council,2212
Australia, risk management process,746
bailout, European Union, 17balanced performance measurement,
62
294 INDEX
balanced scorecard, 33, 5470Christchurch City, 153components, 54enduring popularity of the
Balanced Scorecard, 689execution premium, 658;
alienation of organization, 67;monitor and learn, 678; planthe strategy, 667; strategy,656; test and strategyadaptation, 68
financial benefits, 69financial impact of, 69tfirst generation, 623Hall of Fame, 124perspectives of, 49, 130schematic, 35f, 62fscorecard, 612second generation, 623shortcomings of scorecard usage,
6970strategy-focused organization,
635; alienation of theorganization, 64; continualprocess, 65; everyoneseveryday job, 645; executionpremium model, 66f; executiveleadership, 65; operationalterms, 634
strategy map, 5561weaknesses in, 81
Barker, Roger, 290n17Basel Accords, 289BAU, 2779BCI, see Business Continuity
Institutebest-practice approach, 142Best Practice in Risk Management,
1819BHAGs (Big Hairy Audacious
Goals), 272Bilodea, Barbara, 286n7blue ocean, 90brainstorming, 110
business as usual, 1578, 257, 259,2779, 284
Business Continuity Institute, 20business enterprise and regulatory
reform, 12business model canvas, 10910
Cadbury, Adrian, 286n6, 290n1Cadbury Committee, 2201Capability Model Maturity Model,
269, 292n2capital allocation, 73, 220career development, 10Carnegie Mellon University Software
Engineering Institute, 269Carney, John, 291n4causality, granular understanding,
131cause-and-effect relationship, 33, 63,
171, 203CGMA Magazine, 81Chan Kin, W., 90, 288n6Creelman, James, 285n4, 287n9,
288n5, 289n7, 289n8, 289n9child-initiative, 158China
foreign exchange reserves, 13global GDP share, 14tmarket capitalization, 13nominal GDP, 13
China Construction Group, 13Chocqueel-Mangan, Jonathan,
289n8, 289n9City of Christchurch, 1534
strategy map, 154fC-level risk executive, 29Climbing Out of the Credit Crunch, 19Collins, Jim, 272, 292n3, 292n4Committee of Sponsoring
Organizations of the TreadwayCommission, see COSO
Communication, 2428clarity, 2435concision, 247
INDEX 295
Communication continuedconsistency, 248and consultation, 2456context, 247credibility, 2467effectiveness, 24785 Cs of communication, 2428importance, 244internal and external, 2446ISO3100, 2446key lessons, 2445RBPM framework, 232RBPM implementation, 247strategic objectives, 243
CompaSS, 147control assessment data, 198control map, 1957, 277control scorecard, 46, 127, 129f,
1989, 203, 258corporate performance management,
27corporate scandals, 10, 70corporate strategy, 21, 43, 91, 225corporate strategy map, 579, 110COSO framework, 54, 71, 74, 78,
173risk appetite managing, 99;
communicate, 99; develop riskappetite, 99; monitor andupdate, 99
risk management frameworks,714
CPM, see corporate performancemanagement
Crabtree, Aaron, 69, 286n8credit crunch, 12, 1418, 234, 26,
30, 39, 412, 47, 53, 6971,801, 83, 945, 100, 108, 136,158, 174, 210, 21516, 21819,225, 2301, 234, 240, 244, 266causes of, 15, 17, 1920, 216consequence, 18cultural reason, 231governance, and, 21519
IMF estimation, 17JP Morgan Chases success, 83leading areas, 21617lessons from, 20, 245reason for, 21risk-taking drivers, 240Royal Bank of Scotland, 94
credit enhanced training, 219criminal-related incidents, 156critical capabilities, 30critical success factors, 231CRM, see customer relationship
managementCroll, Grenville J., 261, 291n5CSF, see critical success factorsCtW Investment Group, 83culture
accountability, 239characteristic, 237clear set of values, 235compelling vision, 2345conversations, 240definition, 2378discipline, 76financial services research, 2334incentives, 2402leadership with integrity, 2368strategy-focused, 23442
customer experience, 146customer relationship management,
128, 145, 157, 193
dashboards, role of, 25862DeBusk, Gerald, 69, 286n8Delaney Leadership Consulting, 246Dell, 89Deming, W. Edwards, 7, 285n2denial, psychology of, 1718derivative trading, irresponsible, 24digital technology development, 2double-entry bookkeeping, 149
eBay, 90economic crisis, 23
296 INDEX
Economist Intelligence Unit, 18, 100EFQM, see European Foundation for
Quality ManagementEnron Corporation, accounting
irregularities, 701enterprise risk management (ERM),
10, 723, 101, 112, 119, 1734,236see also risk management
Ernst & Youngs, 219, 234, 290n8,291n4, 291n11
European Foundation for QualityManagement, 89, 159excellence model, 9f, 156
Eurozone, 2, 206execution premium, 658
align the organization withstrategy, 67
develop the strategy, 656monitor and learn, 678plan the strategy, 667test and adapt the strategy, 68
exposure alignment matrix, 206fExxonMobil, 13
Facebook, 2The Failure of the Royal Bank of
Scotland, 958, 21718FDI, see foreign direct investmentfeedback
and communicationin context of RBPMloop, 132, 171stakeholder, 77
The Finance Function AchievingGlobal Excellence in a GlobalEconomy, 11
Financial Reporting Council, 21Financial Services Authority, 20, 48,
956, 98, 21718, 240, 259Financial Times Global 500 Index,
13first generation balanced scorecard,
623
foreign direct investment, 12foreign-exchange risk, 19four perspective risk map, 36f, 47,
1856, 2035, 255, 258FRC, see Financial Reporting CouncilFSA, see Financial Services Authority
Garter research, 265GBM, see global banking and
marketsGECs, see General Engineering
CompaniesGeneral Electric, 13General Engineering Companies,
57global banking and markets, 97globalization, 1114Globalization and the Changing UN
Economy, 12Goldfarb, Zachary A., 285n1Google, 88governance
apply approach, 223ASX Corporate Governance
Council, 2212board responsibilities, 2256boundaries setting, 224comply approach, 223and credit crunch, 21519data governance, 223decision making, 2245definition, 2203disclosure and transparency, 225IT Governance, 223King Report, 221OECD Principles of Corporate
Governance, 2223poor risk oversight, 21819, 218post-credit crunch, 21920, 219principles of, 2223project governance, 223RACI model, 2269RBPM framework, 216frisk management, and, 2256
INDEX 297
Royal Bank of Scotland, 21718UK Corporate Governance Code,
2201great depression, 17Greece, European Union bailout, 17
Hackett Group, 12, 156hard disciplines, 202, 215, 262, 280Hedges, Bob, 1689Hemington, Peter, 285n7high-performance culture, 146, 149HML, 4752
conceptual strategy map, 50foperational risk, 139scorecard indicators, 51f
IMF, 17, 19impact and likelihood (or
probability) matrix, 182India
global GDP share, 14tannual GDP, 13manufacturing exports, 13
indicators, 27, 31, 35, 489, 51, 82,11516, 12035, 145, 150, 153,1878, 192, 239, 256, 263, 277,280behaviour and, 133control scorecard, 129fdashboards, 277HML, 130integrated set of, 1246KCIs, 127KPIs, 126KRIs, 1267leading and lagging, 1303performance conversation, and,
1234performance scorecard, 128frisk scorecard, 128fscorecards, 12730working, 130
industrial-age thinking, 10Industrial and Commercial Bank of
China, 13
industrial revolution, 56initiative alignment matrix, 1636,
163f, 278f, 279initiative selection templates, 1603
Ashghal case, 1603Palladium, 160
Insights into the Post RecessionBusiness Environment, 14
Institute of Risk Management, 91,2378
integrated approach, 313appetite, 32business drivers, 31
integrating strategy, 21, 25, 247integration models, 803
JP Morgan Chase, 823Kaplan and Norton approach,
812Manigents financial services, 80Volkswagen Do Brazil, 823
International Organization forStandardization, 76
Ireland, European Union bailout, 17IRM, see Institute of Risk
Managementiron-making techniques, 6
see also industrial revolutionISO, see International Organization
for StandardizationISO31000, 45, 54, 58, 7681,
103, 1756, 244, 246,287n15balanced Scorecard, 79principles and guidelines, 789recommendations, 76risk management principles,
778see also risk management
JP Morgan Chase, 24, 42, 823,232, 285n1, 287n21
Juran trilogy, 7see also total quality management
298 INDEX
Kaplan, Robert, 33, 54, 87, 120,286n1, 286n2, 286n3, 286n4,286n5, 286n6, 287n10, 287n3,288n1, 289n10
Kaplan approach, integration models,812
KCIs, see key control indicatorskey control indicators, 356, 120,
122, 1249, 132, 149, 152, 167,197200, 256, 263
key controls, 1935categories, 194effectiveness, 197control activities, 194control environment, 194information and communication,
195internal control, 1935monitoring, 195objectives, 194risk assessment, 194
key dashboards and management,457
key indicators, see indicatorskey performance indicators, 336,
51, 57, 59, 61, 84, 12058,1878, 204, 263actionable, 1534candidate identification, 158cause and effect, 150describing a strategic initiative,
1578existing initiatives, 159financial, 14850high-performance cultures, 149initiative selection templates,
1603; Ashghal case, 1603;Palladium, 160
non-financial, 14850ownership, 1523preferred initiatives, 159prioritizing initiatives, 158resource allocation, 160strategic initiatives, 1578
strategic versus operational,1502; common definitions,151; do not repackage, 151;driving the right behaviours,1512
target selection, 1547;achievable, 155; benchmarking,1556; relative performance,1556; trending, 1567
key risk indicators, 356, 51, 81,104, 111, 120, 122, 1248,1312, 149, 152, 167, 172, 181,1878, 190, 192, 200, 240, 256,263development of, 187function of, 188key employee retention rate, 188overview of, 1878
key risks, 11214, 17782execution risk, 178financial risk, 179operational risk, 1789strategic risk, 178techniques, 113
key terms understanding, 1448differentiating key indicators, 145differentiating objectives, 145excellent management of
knowledge, 147initiatives, 145objective accountability, 1478objective description, 146objective desired state, 1467
King Report, 221Kirkpatrick, Grant, 217knowledge age, 78, 11KPIs, see key performance indicatorsKRIs, see key risk indicators
Lagace, Martha, 288n1leading indicator, 82, 1312likelihood rating, 1834LinkedIn, 11, 85, 150Lizwe, Nikala, 287n2
INDEX 299
London School of Economics, 17loss management, 16972
authorizations, 172birth of, 1736business impact assessment, 171corrective actions, 171estimation, 170information analysis, 172investigation, 170loss event capture, 170reporting, 172root cause analysis, 171
LSE, see London School ofEconomics
Makhijani, Naresh, 287n9Making Strides in Financial Services
Risk Management, 219, 234,2412
Malcolm Baldrige criteria, 154, 156Malcolm Baldrige national quality
framework, 9fManagement Tools & Trends 2011, 68managing performance, 337managing risk, 378Manigent, 1634, 204, 255, 257
see also appetite alignment matrixManigent Financial Services, 80, 27tMarr, Bernard, 287n9, 289n7Martens, Frank, 99, 288n9, 288n11,
288n13, 288n15, 288n19,288n20, 288n222, 289n11
maturity model, 2812Mauborgne, Renee, 90, 288n6MCI Corporation, 71McKinsey & Co, 13McNaughton, Ross, 285n15Mehr, Robert, 1689Microsoft, 13Middle East, protests and rebellions
across, 2Miller, Robert, 291n2Mintzberg, Henry, 10, 285n3money-losing mortgage, 83
mortgage-backed securities industry,16see also sub-prime lending
Moti, Ukerto, 90, 288n7Motorola, 878Motorola Mobility, 88Motorola Solutions, 88
NAICOM, see Nigerias NationalInsurance Commission
NatWest Bank, 94see also Royal Bank of Scotland
The New Economic World Order, 13New Zealand, risk management
process, 746Nigerias National Insurance
Commission, 179Norton, David, 33, 54, 87, 286n4,
286n5, 286n1, 286n2, 286n3,286n4, 286n5, 286n6, 287n3,289n10
Norton approach, integrationmodels, 812
OECD, see Organization forEconomic Cooperation andDevelopment
operational losses or loss events, 169operational risk maturity model, 48
see also HMLoptimal (aligned) zone, 206Orange Book, 756, 102forganizational risk management, 27Organization for Economic
Cooperation and Development,222
ORM, see organizational riskmanagement
ORMM, see operational risk maturitymodel
Osterwalder, A., 109, 288n21,292n5
OSullivan, Ronan, 285n15over-exposed zone, 206
300 INDEX
Payment Protection Insurance, 133performance
balanced scorecard, 13940objective-setting workshop, 144-sapping problems, 122strategic objectives, 1389sub-components, 1378
performance gaps, identification of,36
performance scorecard, 46, 127,128f, 148, 149f, 203, 280
PESTEL analysis, 33, 1067, 273elements of, 107f
Petrobras, 13PetroChina, 13Pierce, Andrew, 285n10Pigneur, Yves, 288n21, 292n5Plan operations, 67PMCs, see Program Management
CompaniesPorras, Jerry, 272, 292n3, 292n4Porter, Michael, 88, 287n4Portugal, European Union
bailout, 17PPI, see Payment Protection
InsurancePricewaterhouseCoopers, 72Prince, Charles O., 236, 291n5Principles of Scientific Management,
67process alignment matrix, 165f, 278f,
279usage, 1656
profound knowledge, 8Program Management Companies, 57
RACI model, 5, 215, 2269, 230,239, 257, 281accountable, 227benefits of, 2289consult, 227inform, 227responsible, 227steps, 2278
RAGAR colour coding, 1346conventional approach, 134performance-only approach, 135ranges, 134scoring challenges management,
136scoring range, 134usage of a, 153
Ranford, Mark, 58, 235RBPM approach implementation,
2684align, 277analyse, 26970articulate the chosen business
model, 273communication importance,
2823continuously refine the
framework, 280culture management, 2812embed, 27984iterations series, 276left circle, 40fmobilize, 2726operationalize, 277plan, 2702RACI model, 281risk appetite, 2756risk map, 274soft disciplines, 2801strategic approach, 272strategy map, 273technology, role, 2834
RBPM definition, 1959Control Map, 1957Controls Scorecard, 1989KCIs, 1978
RBPM framework, 3f, 45, 22, 25f,302, 39, 41, 445, 48, 53, 54f,70, 83, 86f, 100, 1234, 138,164, 166, 168, 171, 185, 2002,213, 216, 218, 227, 230, 232,2503, 256, 2589, 264, 267,2701, 280, 2823
INDEX 301
aligning risk-taking, 4governance, 216fleft circle, 4f, 32right circle, 5f, 41frisk appetite, 25sequencing, 4softer disciplines, 4
RBPM maturity model, 282fRBS, see Royal Bank of Scotlandrecession, 2, 14, 17, 107red ocean, 90Rein, Lisa, 285Rigby, Darrell, 286n7risk and business strategy, 201risk and control scorecards, 47, 258risk appetite, 22, 33, 93, 99100,
103, 111, 11314, 116, 119, 191,205, 238aligning, 114and risk profiles, 20articulation of, 238, 242business model canvas, 10910business models, 1089cascading, 118COSOs definition, 101COSO view of managing, 99critical role of, 119definition, 1001, 11416,
1901, 238, 242; OrangeBook, 1023; RBPM, 103; riskmanagement code, 103
key business drivers identification,105
key drivers, 1057key risks, definitions and
assessment, 11214measurement, 11618multidimensional construction,
113fPESTEL analysis, 106purposes of, 119RBSs failure, 948risk levels defining, 110risk tolerance, and, 1034
statement, 10416strategic objectives, 11012strategy, and, 948summarized statement, 116fsummary benefits, 11718SWOT analysis, 106tracking, 108
risk assessment, 59, 79, 1827four perspective risk map, 1857
Risk Bow-tie, 17981risk categories, 184trisk event card, 82Risk Heat Map, 59, 182, 183f, 185risk identification template, 1812risk likelihood rating, 184trisk management
aligning risk appetite and strategy,723
Australian standards, 746categories of risk, 178fcorporate failures, 701COSO, 714cross-enterprise risks, 73definition, 73, 1757discipline and function, 16873emergence of, 167enhancing risk response decisions,
73failure of, 5, 1820, 100, 174first appearance, 10governance, and, 2256identification of key risks, 17782;
execution risk, 178; financialrisk, 179; operational risk,1789; strategic risk, 178
improving deployment of capital,73
ISO31000, 7680NAICOM categories of risk, 179fNew Zealand Standards, 746Orange Book, 756reducing operational surprises and
losses, 73Risk Bow-tie, 17981
302 INDEX
risk management continuedrisk identification template,
1812SarbanesOxley, 71scandals, 701seizing opportunities, 73steps, 168systematic analysis and
conversation, 172uncertainty element of, 1789
Risk Management MaturityDashboards, 48
Risk Map, 45, 59, 136, 183, 185,187, 196, 229, 2745, 277, 280example, 275f
Risk Master, emergence of, 2630C-level risk executive, 29continuous improvement, 29decision-making processes, 28integrate risk management
capabilities, 28measurement sophistication, 28risk awareness, 29shareholder value, 28
risk mitigation plan, 48level of urgency, 182
risk scorecard, 46, 127, 128f, 1923,203, 258, 280accountable person, 192appetite alignment status, 192design, 192organization key risks, 192risk assessment data, 192
risk-taking aligning, 3844,2034appetite alignment matrix, 204communication, 44culture, 423four perspective risk map, 203governance, 3942right circle, 3944shareholder value, 44strategy map, 203
risk tolerance, 1034, 111, 127,18892Aerospace supplier, 18990compliance tolerances, 190definitions of, 1901operations tolerances, 190reporting tolerances, 190water company, 1912
Rittenberg, Larry, 99, 288n9,288n11, 288n13, 288n15,288n19, 288n20, 288n22,289n11
RMP, see risk mitigation planRoyal Bank of Scotland, 16, 21, 84,
94, 171, 266boards role in strategy, 967cause of failure, 956credit crunch, 948failure of, FSA report, 958,
21718internal audit report, 97
Saatchi and Saatchi Worldwide, 147see also CompaSS
salary, betterment of, 10SarbanesOxley act, 71, 223,
287n11, 290n15, 291n3Schwarz, Nelson D., 287n21scoring methodology, 134
see also RAGAR colour codingSEI, see Carnegie Mellon University
Software Engineering Instituteseven RBPM disciplines, 457SharePoint, 51, 252shifting paradigms, 23silo-working, 7Silver-Greenberg, Jessica, 287n21six sigma, 67, 878Smart, Andrew, 26, 80, 233, 286n2,
287n17, 291n3Smith, Alan, 288n21, 292n5social media, influence of, 2soft disciplines, 4, 202, 215, 248,
2623, 2801
INDEX 303
spreadsheets, shortcomings of using,25962archiving, 261assumptions, 262cottage industries, 260enterprise interoperability, 262fraud, 261front-line concern, 260high risk, 260interpretation, 261lack of collaboration capabilities,
261lack of well-constructed built-in
approach, 261multiple versions of the truth, 260opacity, 262overconfidence, 261reification, 262
StatexPoint solution, 51Statoil, 123strategic performance management,
289n6strategic planning, 10, 278, 63,
689, 77, 154Strategy and Risk Studio, 2524, 256strategy
blue ocean strategy, 90for commercial and non-profit
organizations, 901corporate strategy, 91definition of, 914Michael Porters definition, 88operational focus, 878risk, 91risk appetite and, 948set, 323setting, 923strategic importance of appetite,
94100Sun Tzu, 867three value-disciplines, 8990;
customer intimacy, 8990;operational excellence, 89;product leadership, 90
strategy-focused organization, 635align the organization, 64execution premium model, steps
of, 66fmake a continual process, 65make strategy everyones everyday
job, 645mobilize change through
executive leadership, 65principles of, 64ftranslate the strategy into
operational terms, 634strategy management theory, 140strategy map, 33, 34f, 478, 5561,
143Christchurch City, 154femergence of, 63example, 140f, 141f, 274finternal process perspective, 111objective on, 139perspective of, 146Saatchi and Saatchi, 142fand scorecard, 34
StratexLive, 2523StratexPoint, 2523, 2567, 259,
283implementation of, 259
StratexSystems, 48, 2523, 2578see also HML
Strengthening Enterprise RiskManagement for CompetitiveAdvantage, 174
sub-prime lending, 1517, 174Sun Tzu, 867, 287n1supporting customer objectives, 139supporting performance, 47SWOT analysis, 33, 106f, 273
tail-risk meetings, 39Taylor, Fredrick W., 6, 285n1Taylorism, 6, 10
impact of, 6technology and culture, 257
304 INDEX
technology, role ofappetite alignment matrix, 255control self-assessment processes,
256four perspective risk map, 255integrated strategy, 252key risks, 252limitation, 2512Manigent, 255non-technology aspects, 255RACI model, 257RBPM approach implementation,
254RBPM enabler, 2514RBPM framework, 250frisk assessment, 256risk management solutions, 252SharePoint, 252Strategy and Risk Studio, 2534strategy map, 252StratexLive, 2523StratexPoint, 2523StratexSystems, 255technological capabilities, 2624visualization, 25862
total quality management, 711, 87,121popularity of, 8Xerox, adopter of, 8
TQM, see total quality managementtraining initiatives, 49, 51, 239Treacy, Michael, 8990, 287n5turbulent times, 24, 14, 213, 25,
39, 53, 91, 109, 120, 185, 2001,250, 267, 284
Turnbull, Nigel, 290n3Tyco International, 71
UK bank Northern Rock, 16UK Corporate Governance Code,
21, 39, 2201UK financial services study, 26under-exposed zone, 2078Understanding and Articulating
Risk Appetite, 238, 244Understanding and Communicating
Risk Appetite, 989, 104, 188United States
bankruptcy, 71debt issue, 2economic hegemony, 13global GDP share, 14tsub-prime lending, 1517
Virgin Money, 16Volkswagen Do Brazil, 823
Walker, Lord David, 241, 291n10Walker Report, 241Wal-Mart, 89Water Quality Index, 191Water Quality Sampling Results, 191Weatherill, Gillian, 47, 130, 237, 239Wiersema, Fred, 8990, 287n5WorldCom scandal, 71
Xerox Corporation, 8
YouTube, 2