Author Archives for Jim DeLoach

Should Boards Have a Separate Risk Committee?

Published by

Among many other duties, the board is tasked with ensuring that a process is in place for managing the significant risks facing the organization and that those processes are continuously improved as the business environment changes. While the full board retains overall responsibility for risk oversight, there are several ways to think about how this process is organized. Key Considerations  One approach is for the full board to coordinate the scope and accountabilities of risk oversight, assigning certain responsibilities to the various standing committees. The full board receives reports from management and each committee regarding the status of critical risks... Read More


How Mature Are Your Risk Management Capabilities?

Published by

“How mature is our risk management?” Chances are good that you have been asked this question at least once. At Protiviti, we hear it frequently. The common presumption is that the more mature a process, the more effective it is. But what does that really mean, and how does the concept of maturity apply to risk management? Effective enterprise risk management (ERM) enables timely responses to the risks that matter most to an organization. An effective risk management infrastructure is constructed using the following six elements: Policies Processes People and organization Reports Methodologies and assumptions Systems and data Once in... Read More


New Study Illustrates the Importance of Looking Long Term When Identifying Emerging Risks

Published by

Time horizon—or a planning horizon—is  the estimated length of time needed to accomplish the goals outlined in a strategic plan, business plan, project plan or program. Assigning a time horizon facilitates accountability for achieving expected goals. In risk assessment exercises, it is important to clarify this variable when engaging with people because their perspectives and respective responsibilities will influence their views on what the time horizon might be. But does the risk assessment process use a time horizon that looks out far enough? Key Considerations  In a risk assessment, there are several time horizon attributes worth considering: The longer the... Read More