Podcasts about Enterprise risk management

Engaging in Enterprise Risk Management and Campus Security

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   Justin and his guest, Kirti Mutatkar, discuss Kirti's journey to become President & CEO of UnitedAg and President of HCAA. Kirti speaks of her master's degrees in microbiology and finance, and how they work together in healthcare risk. Justin and Kirti explore stress awareness and mental health awareness and how these issues are managed at UnitedAg. Kirti tells how she wove attention to compassion and empathy into the fabric of healthcare administration at UnitedAg, and what that means for the financial success of the organization. She notes the significant growth of UnitedAg under her leadership, and how the scientific method of experimentation played a major role in that growth.   Kirti shares her advice for leading healthcare with compassion, and the roles supervisors and managers can play in looking for tell-tale signs of mental health needs. Listen to Kirti's leadership wisdom that may work in your organization. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Registration is open for RISKWORLD 2025. Engage Today and Embrace Tomorrow with RIMS, from May 4th through May 7th in Chicago, Illinois. Register at RIMS.org/RISKWORLD. [:25] After you register, visit your App Store, search for RIMS Events, and download the RIMS Events App. Select RISKWORLD 2025, load the show onto your phone, and start building your RISKWORLD itinerary! [:41] About this episode of RIMScast. We will talk about healthcare risk and mental health awareness with Kirti Mutatkar, CEO and President of United Ag and the President of the Health Care Administrators Association. We're going to get a unique risk philosophy, today. [1:13] RIMS-CRMP Workshops! RIMS is co-hosting an intensive four-day program which is your gateway to achieving two prestigious certifications, the DRI Certified Business Continuity Professional (CBCP) and the RIMS Certified Risk Management Professional (RIMS-CRMP). [1:33] This workshop will be held from May 19th through the 22nd in collaboration with DRI International. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:48] Virtual Workshops! On June 12th, Pat Saporito will host “Managing Data for ERM” and she will return on June 26th to present the very popular new course, “Generative AI for Risk Management”. [2:05] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:16] RISKWORLD registration is open. Engage Today and Embrace Tomorrow, from May 4th through 7th in Chicago. The opening Keynote has been announced. It's official. Martha Stewart will kick things off in the Skyline Ballroom, on May 5th. Register at RIMS.org/RISKWORLD. [2:35] Also, remember that there will be lots of pre-conference workshops being held in Chicago just ahead of RISKWORLD. These courses include “Applying and Integrating ERM,” “Captives as an Alternate Risk Financing Technique,” and more! The links are in the show notes. [2:51] The Spencer Educational Foundation is having a Flash Sale for sponsorships at RISKWORLD! Sponsorship pricing has been reduced for the Spencer-CNA Pickleball Social on Saturday, May 3rd, and the Spencer-Gallagher Golf Tournament on Sunday, May 4th. [3:10] Sponsorships are still available for the Spencer-Sedgwick 5K Fun Run on Tuesday, May 6th. Visit Spencered.org/riskworld2025 to learn about these opportunities and more. Also, reach out to Spencer's Executive Director Megan Miller at MMiller@Spencered.org. [3:32] April is Stress Awareness Month and May is Mental Health Awareness Month. I wanted to get a fresh perspective through a risk management or risk-management-adjacent lens, which is why I reached out to today's guest. [3:49] Kirti Mutatkar is the President and CEO of UnitedAg in California and also the President, serving a two-year term, of the Health Care Administrators Association not for profit. [4:01] We will learn about her fascinating career journey and how leading with empathy has reduced turnover and retained value at UnitedAg. [4:10] Interview! Kirti Mutatkar, welcome to RIMScast!  [4:37] Kirti came to the U.S. to do her Master's when she was 20. She was going to study microbiology and do her PhD in genetics and biotech. Her circumstances changed and she explored getting an MBA. She got a Master's in finance. This was in Connecticut. [5:15] Kirti moved to California and looked for work. She applied at UnitedAg, to work for “a year or two.” Each year since then, UnitedAg has grown like crazy, with many innovations. Kirti has never felt that she has been there so long, she could do it in her sleep. [6:06] For Kirti, it's exciting every day to come to work. She was the CFO and transitioned  10 years ago to become the CEO. [6:25] Kirti was a member of HCAA for several years and is now President for a two-year term. The HCAA is very aligned with Kirti's thinking. She learns something with every conference she attends and every board meeting. [7:36] Kirti says, if everybody in the room feels it's their idea, and it's because of them we have succeeded, and you know you've played a role in that, that's success. [8:02] Kirti says a microbiologist, or any scientist, is constantly running experiments, and learning from experiments. Kirti says UnitedAg is a lab. HCAA is a lab. They're testing out things and trying to see what works and what does not work. [8:36] You understand the risks to the healthcare industry at a deeper level by doing experiments. You watch the results and you learn from them. You create feedback loops and grow. [8:53] Under Kirti's leadership, UnitedAg has tripled in size over the last couple of years, based on experimentation, learning, and adapting. That's what being a science student had taught her. [9:14] From the finance standpoint, in the position of impacting change, just looking at the financial statements and getting a quick picture of what's happening, was one of the best things Kirti could have done for herself in the role of CEO. [9:39] As a CEO, you have a strong CFO behind you. Understanding from a financial standpoint and a risk standpoint what that risk means to the financial, has been a big part of Kirti's success at UnitedAg. Her knowledge of science and finance works well for her organizations. [10:15] UnitedAg has around 110 employees. It has an underwriting department for its health plan. [10:45] Kirti believes her interest in the scientific method of testing hypotheses relating to the human side of risk and finance is what she brings to UnitedAg. [11:25] Kirti explains her upcoming plans for underwriting models for employer group risk and administrative costs. She is testing out opening the books, educating, and working with employer groups. [12:33] With Mental Health Awareness Month in May, Kirti discusses mental health in the agricultural community. She has been thinking of this since COVID-19. Ag workers did not have the choice of working from home. They were out in the fields. [13:15] There was a lot of uncertainty around what COVID-19 meant. In 2020, the need surfaced to provide some form of benefit for mental health. Culturally, in the ag industry, there is a stigma around mental health care. There is a lot of stress in production agriculture. [13:54] Kirti decided to run an experiment. She proposed to the board to use some of the innovation dollars set aside to offer a mental health benefit free of cost to all the members, with no copays and nothing going to the deductible, and doing it for one year. [14:28] It was a huge risk. They didn't look at the financial impact. They said, there's a need for mental health; let's do it for a year. They offered it and it became a huge impact. [14:56] A lot of people did seek out that benefit and used it. UnitedAg used Care Navigators to see what level of care a member's need was, and based on that need, provide that care. They found that some needed much care but more of the risk is in the early stages of need. [15:59] In the earlier stages, individuals may not realize they need care. Kirti stresses identifying the initial need for mental health care. Providing care initially can prevent chronic conditions. Not just for health plan cost, but from a human standpoint, you don't want that to go there. [16:33] UnitedAg spends a lot of time understanding mental health. Are you just having an anxious day today or are you having chronic anxiety? With the Chief Medical Officer, UnitedAg is spending time determining the tell-tale signs of anxiety to identify and help people with it. [16:59] Free access to mental health care, using Teladoc, Spring Health, other vendors, and the Member Advocacy Department at UnitedAg can be as simple as getting on a call and talking through anxiety, whether it's caused by environmental issues like flooding, or other stresses. [18:14] Kirti says UnitedAg is seeing anxiety around ICE deportations as labor is a big part of agriculture. There are a lot of people who come to work in the ag industry and then go back home. [18:39] Employees have anxiety over whether they will be there tomorrow. Employers have anxiety over whether they'll have access to labor tomorrow. [19:12] Uncertainty creates anxiety. The ups and downs of life create anxiety. [19:28] Plug Time! RIMS Webinars! Zurich's webinar, “Understanding Third-Party Litigation Funding” will be held on May 1st at 1:00 p.m. Eastern. Then RIMS takes a little break from webinars. [19:43] On May 22nd, webinars are back with GRC, a TÜV SÜD Company, and their newest session, “Asset Valuations in 2025: Managing Tariffs, Inflation, and Rising Insurance Scrutiny”. [19:55] On May 29th, Origami Risk returns to present “Strategic Risk Financing in an Unstable Economy: Leveraging Technology for Efficiency and Cost Reduction”. On June 5th, Zywave joins us to discuss “Today's Escalating Risk Trajectory: What's the Cause and What's the Solution?” [20:17] More webinars will be announced soon and added to the RIMS.org/Webinars page. Go there to register. Registration is complimentary for RIMS members. [20:29] Spencer Educational Foundation will be present at RISKWORLD 2025. Spencer's Grants Program is starting soon. [20:38] Spencer's goal to help build a talent pipeline of risk management and insurance professionals is achieved, in part, by its collaboration with risk management and insurance educators across the U.S. and Canada. [20:51] Since 2010, Spencer has awarded over $3.3 million in General Grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [21:14] General Grant awardees are typically notified at the end of October. Learn more about Spencer's General Grants through the Programs tab of SpencerEd.org. [21:25] On the 7th of October, the New Jersey RIMS Chapter will return to the beautiful Fiddler's Elbow Country Club in Bedminster, New Jersey for their Annual Charity Golf/Pickleball Event. [21:37] Registration is open and the event proceeds are used to fund the chapter's Spencer and Kids' Chance Scholarships. It was the filming location for the upcoming movie sequel Happy Gilmore 2. For more information, and to register, please NewJersey.RIMS.org. [21:59] Let's Return to My Interview with Kirti Mutatkar! [22:07] Justin remarks on Kirti leading with compassion and empathy. Both at HCAA and as CEO of UnitedAg, she puts humans at the center. People remind her it's a business, but she has found that using compassion and empathy has an impact on real numbers. [23:26] Kirti reminds people she has a degree in finance and is a businessperson. UnitedAg has tripled in size. It is a quarter-billion-dollar trust. Its admin costs are very low and its loss ratio is very low. It's done very well financially. [23:53] Kirti makes a decision based on the financial aspect of it and then fits in the compassion and empathy. Eventually, compassion has a big impact on the financial. Now at HCAA, people are looking at how compassion translates into numbers. UnitedAg is a perfect example of it. [24:52] Some people may want to look at it purely from a business standpoint. Kirti feels that adding compassion and empathy manages the risk factor and has a financial impact. It's better for your business than you think it is. It's not a fluff word, you can show it in numbers. [25:52] Kirti is part of the Claims Committee at UnitedAg. Appeals come in and they make decisions on what can or cannot be approved. There is legal representation, client representation, and financial representation. Kirti shares an example of a mental health appeal. [26:41] The appeal was denied and Kirti listened to the compliance and financial positions for why it was denied. She didn't feel right about it, and after the meeting, she reached out to the employer. Then she came back to the committee and asked them to rethink it. [27:34] The committee found a solution within the compliance needs, to approve the claim. In the future, that employer will be apt to renew with UnitedAg because trust was created and help was provided to the employee. It was a financial decision that started with compassion. [29:16] UnitedAG's customer retention is over 90%. That speaks for itself. [29:26] RIMS Plug! From Ryan Harris, upcoming Keynote on the Main Stage on May 6th at RISKWORLD 2025, “Greetings RIMS members and global risk professionals! I'm Ryan Harris, Champion of Super Bowl 50, best-selling author, and award-winning broadcaster. [29:46] “I'm thrilled to be your Main Stage Keynote for RISKWORLD 2025, where we will discuss the transformative five steps to building a championship team and leading to winning! You can learn more about me and my story by listening to RIMScast. [30:01] ”And more than anything, make sure to register for RISKWORLD 2025 by visiting RIMS.org/riskworld. I'm so thrilled to see you and I'm looking forward to us building together so that you can reach your greatest success!” [30:16] Thank you, again, Ryan. We look forward to seeing you at RISKWORLD 2025 on May 6th. A link to Ryan's episode of RIMScast, #325, is in this episode's show notes. Get a preview of the Super Bowl Champion and remember to register for RISKWORLD 2025. [30:33] Let's Return to the Conclusion of Our Interview with Kirti Mutatkar! [30:46] Kirti says that bringing mental health into the Enterprise Risk Management strategy starts with the HR department. UnitedAg does a lot of training around mental health. There are good products available, but just saying we have this product, as a check mark, is not enough. [31:16] Go deeper, listen to your members, and train your supervisors and managers to identify some of the tell-tale signs of needs and bring them forward. Kirti's Chief of Staff remarked to her that physical scars can be seen, but mental scars cannot be shown. [31:49] You have to go deeper to understand mental scars. Spread the word. Talk to your employees and HR teams. Be OK with someone getting emotional at work. Give them a safe space and a trusting environment. Everybody goes through anxiety and stress. [32:20] Providing a safe space does more than providing a program. Engaging, building relationships, and having a connection would be helpful. [32:35] As a CEO, Kirti's biggest takeaway is to maintain a connection with everybody. She tries to do that as much as possible. She goes to CEO lunches and roundtables and is constantly talking to people. You never know what someone will say or do that is a tell-tale sign of need. [33:06] Kirti's advice for risk management professionals is to go a little deeper. Don't take things at face value. Take a step back and ask what is the true problem. Go one or two layers deeper looking for the real issues. Understanding the issue is good from a risk standpoint. [33:50] Are there not enough mental health professionals or should we look at the model for how we provide care for people? [34:10] Kirti also has a podcast, This Is Ag!, available on Spotify and other podcast platforms. She loves podcasting! The reason behind it is relationship and connection. It's to tell people what ag is all about. This year's focus will be on the ground workers and telling their stories. [34:58] There is so much to learn from agriculture! A lot of things still happen with a handshake in agriculture. There's a lot of trust and a lot of relationship and connection. Kirti loves working in the industry. She's very grateful for that. [35:14] Kirti tells what she likes about leading a not-for-profit organization. She runs it as a business but the core of it is the mission it serves. HCAA serves the underserved and she is testing how compassion and empathy play a role in the process. [35:44] Special thanks again to Health Care Administrators Association President and UnitedAg President and CEO, Kirti Mutatkar. There is a link to her podcast, This Is Ag!, in this episode's show notes.b Let her know you heard her first on RIMScast. [36:02] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes. [36:30] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [36:48] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [37:06] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [37:22] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [37:36] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [37:44] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Links: RISKWORLD 2025 — May 4‒7 | Register today! Download the RIMS Events app! Spencer's RISKWORLD Events — Register or Sponsor! LAST CALL! RIMS Texas Regional 2025 — August 3‒5 | Advance registration rates now open. RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Risk Management magazine RIMS Now The Strategic and Enterprise Risk Center Spencer Educational Foundation — General Grants 2026 — Application Dates This Is Ag! — Podcast, Hosted by Kirti Mutatkar RIMS Webinars: RIMS.org/Webinars “Understanding Third Party Litigation Funding” | Sponsored by Zurich | May 1, 2025 “Asset Valuations in 2025: Managing Tariffs, Inflation, and Rising Insurance Scrutiny” | Sponsored by GRC, a TÜV SÜD Company | May 22, 2025 “Strategic Risk Financing in an Unstable Economy: Leveraging Technology for Efficiency and Cost Reduction” | Sponsored by Origami Risk | May 29, 2025 “Today's Escalating Risk Trajectory: What's the Cause & What's the Solution?” | Sponsored by Zywave | June 5, 2025   Upcoming RIMS-CRMP Prep Virtual Workshops: CBCP & RIMS-CRMP Exam Prep Virtual Bootcamp: “Mastering Business Continuity & Risk Management” | May 19‒22, 2025 | In Collaboration with DRI International Full RIMS-CRMP Prep Course Schedule “Managing Data for ERM” | June 12 | Instructor: Pat Saporito  “Generative AI for Risk Management” | June 26 | Instructor: Pat Saporito See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “Risk and Leadership Patterns with Super Bowl Champion Ryan Harris” (RISKWORLD 2025 Keynote) “Maintaining an Award-Winning ERM Program with Michael Zuraw” “National Nurses Week 2021: How COVID-19 Has Impacted the Nursing Profession with Dr. Sophia Thomas and Vicki Good” “Mental Health in the Workplace with Darcy Gruttadaro” (2021)   Sponsored RIMScast Episodes: “Change Management: AI's Role in Loss Control and Property Insurance” | Sponsored by Global Risk Consultants, a TÜV SÜD Company (New!) “Demystifying Multinational Fronting Insurance Programs” | Sponsored by Zurich “Understanding Third-Party Litigation Funding” | Sponsored by Zurich “What Risk Managers Can Learn From School Shootings” | Sponsored by Merrill Herzog “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS President Kristen Peed!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Kirti Mutatkar on LinkedIn Kirti Mutatkar, CEO and President of United Ag   Production and engineering provided by Podfly.  

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   Justin and his guest, Jeff Strege, Senior Director for Risk Management at Academy Sports + Outdoors, explore what led Jeff to risk management, and the path that led to Academy Sports + Outdoors within the sporting goods and outdoor retail space. Jeff comments on his work building out the ERM framework at Academy to improve claims management, employee safety, and liability prevention. Jeff shares his approach to workers' compensation and Academy Sports + Outdoors's goal to help the workers recover and return to work. In addition to career insights, they discuss Jeff's upcoming panel participation in HUB's webinar on April 17th, “From Defense to Prevention: Strengthening Your Liability Risk Management Approach,” covering topics such as third-party litigation funding and its impact on the industry.   Listen to Jeff's wisdom, born from experience, on managing your risk career. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Registration is open for RISKWORLD 2025. Engage Today and Embrace Tomorrow with RIMS, from May 4th through May 7th in Chicago, Illinois. Register at RIMS.org/RISKWORLD. [:25] After you register, visit your App Store, search for RIMS Events, and download the RIMS Events App. Select RISKWORLD 2025, load the show onto your phone, and start building your RISKWORLD itinerary! [:41] About this episode of RIMScast. Our guest is former RIMS Houston Chapter President, Jeff Strege. We will talk about his career and how ERM continues to play a pivotal role today. [1:08] RIMS-CRMP Workshops! As part of RIMS's continuing strategic partnership with Purima, we have a two-day course coming up on April 22nd and 23rd. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:28] Virtual Workshops! On June 12th, Pat Saporito will host “Managing Data for ERM” and will return on June 26th to present the very popular new course, “Generative AI for Risk Management”. [1:45] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [1:56] RISKWORLD registration is open. Engage Today and Embrace Tomorrow, from May 4th through 7th in Chicago. Register at RIMS.org/RISKWORLD. Also, remember that there will be lots of pre-conference workshops being held in Chicago just ahead of RISKWORLD. [2:14] These courses include “Applying and Integrating ERM,” “Captives as an Alternate Risk Financing Technique,” “Contractual Risk Transfer,” “Fundamentals of Insurance,” “Fundamentals of Risk Management,” RIMS-CRMP Exam Prep, and more! The links are in the show notes. [2:33] The Spencer Educational Foundation is having a Flash Sale for sponsorships at RISKWORLD! Sponsorship pricing has been reduced for the Spencer-CNA Pickleball Social on Saturday, May 3rd, and the Spencer-Gallagher Golf Tournament on Sunday, May 4th. [2:51] Sponsorships are still available for the Spencer-Sedgwick 5K Fun Run on Tuesday, May 6th. Visit Spencered.org/riskworld2025 to learn about these opportunities and more. Also, reach out to Spencer's Executive Director Megan Miller at MMiller@Spencered.org. [3:13] Our guest today is Jeff Strege. He is the Senior Director for Risk Management at Academy Sports + Outdoors. Academy is one of the U.S.'s largest sporting goods and outdoor stores with 301 locations across 21 states, as of March 2025. [3:33] Jeff is also a long-time RIMS member. He's the former president of the RIMS Houston Chapter and is a RIMS-CRMP holder. [3:41] In addition to his outstanding resume, Jeff will be lending his insight to the RIMS Webinar on April 17th, presented by HUB in their Ready for Tomorrow series. It's called “From Defense to Prevention: Strengthening Your Liability Risk Management Approach.” A link is in the notes. [4:01] In today's RIMScast interview, we will discuss how ERM has played a role in his career and how he manages risk in so many locations at the Academy. We will get a preview of his upcoming appearance on the Hub webinar and his thoughts on third-party litigation funding and its impact. [4:27] Interview! Jeff Strege, welcome to RIMScast! [4:45] As a Houstonian, Jeff grew up with Academy Sports + Outdoors. He's a long-term customer. In September 2020, Jeff promoted himself from customer to team member, although he still is an avid customer of Academy. [5:07] As the Academy brand is so well-known and beloved in Texas, Jeff has had the Risk Director role on his radar for many years. He had told his wife many times that if that role ever opened up at Academy, he would want to talk to them. In mid-2020, it did, and here he is! [5:29] Academy has 301 stores across 21 states as of March 7, 2025, and is headquartered in Katy, Texas, a Western suburb of Houston. Jeff graduated from Katy High School. [6:23] Academy Sports + Outdoors sells fun. They say “Have fun out there.” The items Academy sells are intended to help people be outdoors and active. Academy does a lot of work around product safety with manufacturers and suppliers, making sure they're sourcing safe products. [6:45] Academy Sports + Outdoors sells firearms and ammunition. Its goal is to be the most responsible retailer of those items in the country. [7:13] Academy Sports is responsible for following the laws of 21 states. Jeff has worked for national, multi-national, and global organizations, so he has worked with similar requirements. [7:48] Jeff worked for Sysco twice, first in the 90s and then in 2016 in a risk role similar to his current role at Academy Sports. Sysco went on a growth initiative while Jeff was there the second time and it was fun to be part of that but he couldn't pass up the opening at Academy. [8:23] Academy Sports + Outdoors has a risk department of 10 who report to Jeff. Jeff oversees the Enterprise Risk Management framework, the Insurance and Data Analytic functions, the Safety functions, and the Claim Management functions. [8:50] Jeff has three direct reports and they have functional contributors who are assigned to and report to them. Jeff's management style is to find the best possible people he can find. He's not a micro-manager. All of his staff are solid professionals who are good at what they do. [9:14] That allows Jeff to focus on strategy and executing strategic objectives while the staff keeps things working from day to day. Jeff reports to the General Counsel. In other companies, Jeff has reported to the General Counsel, HR, Treasury, or Finance. [9:42] Risk can logically report up a variety of chains to the leadership of an organization, as it touches so many aspects of the business. [10:22] Relative to firearms sales, Academy Sports has a compliance team to manage the process. They do an outstanding job. [10:39] When Jeff arrived at Academy Sports, one of his charges was to mature the ERM framework across the various organizational functions. Having the opportunity to work on that made Jeff a student of the business, which is one of the Academy's values. [11:09] Coming into the business, Jeff was fortunate to receive a safety culture already well-entrenched in the distribution centers. That team has been retooled over the years and continues to evolve as it trains and supports the operators in safe practices in their work. [11:45] Academy workers' compensation goal is to help team members recover so they can come back to work. They take a deliberate approach to working with them so they get the treatment they need, their benefits are paid timely, and their questions are answered. [12:11] Academy made a TPA change a couple of years ago that's given them more proactive tools. Both safety and claims are processes that Academy Sports continues to fine-tune. [12:25] The foundational strategy is “safety first.” If you're talking about managing claims but not about safety, there's a miss there, in terms of managing risk. [13:01] Plug Time! During this interview, we discuss the RIMS Texas Regional Conference 2025, held from August 4th through the 6th in San Antonio, Texas, at the Henry  B. Gonzalez Convention Center. That's where we held RISKWORLD 2018. [13:22] The day of this episode's release, April 15th, is the day registration opens for the RIMS Texas Regional Conference. You can get the Advance Rate from now through May 16th, 2025. A link is in this episode's show notes. You can also visit the events page of RIMS.org to register. [13:43] If you will be in the Dallas/Fort Worth area on April 17th, be sure to stop by Lonestar Park for DFW RIMS's 7th Annual Night at the Races. It will be a blast! Guest, Member, and Student tickets are available. Visit DFWRIMS.org and the link in this episode's show notes. [14:12] Let's Return to My Interview with Former RIMS Houston Chapter President Jeff Strege! [14:32] Jeff arrived at Academy Sports on Monday, September 28, 2020, and the company executed its Initial Public Offering on Friday, October 2nd, 2020. In preparing for the IPO, the company had built an ERM framework that helped inform the prospectus for investors. [14:59] When Jeff joined, he was charged with taking the framework foundation and building upon it to round out how Academy Sports views risk, scopes it, and manages it across the organization. It was a fascinating process. [15:21] He's gotten to know many good, smart people who are driving aspects of the business. [15:28] Every year, Academy Sports looks at ways to enhance the framework, to make sure it's as meaningful and informative to the leadership team and board as it can be. [15:54] The framework looks at ISO standards but most of it is inward-focused within the business of Academy Sports. What's going on in the world? How do we prevent or prepare for it? Should something occur, what strategies do we have to respond, react to, and recover from it? [16:39] Before the recent tariffs were passed, the risk team had discussed tariffs generically. Tariffs appear as subsidiary risks in a few places within the framework. Nobody in an organization can control what government leaders do. [17:22] In a way, sporting goods is a seasonal industry. Academy Sports + Outdoors sells a variety of different things and operates in a variety of climates. There's a holiday season and there are gift-giving holidays. The seasons for outdoor activities differ depending on location. [17:54] In Texas, Jeff grills and fishes year-round. It's different in a Northern climate with four distinct seasons. Hunting seasons are specifically defined. The things Academy Sports sells peak at different times of the year and the peaks sort of offset themselves. [18:25] The Academy Sports merchandising teams are diligent and deliberate in how they plan for cycling products for the seasons. [18:44] Holiday is the big season. In that, Academy Sports is like other retailers. Back-to-school time is also important. [18:57] The backyard grilling is Jeff's favorite section of the store. When he goes into the store with his wife he has to look at some grills. Jeff also works out and runs so there are several aspects of the store that he shops. [19:16] Academy sells location-specific licensed apparel. In Academy Sports + Outdoors in Houston, there is gear for the Astros, Texans, and Rockets. [19:49] From the standpoint of team member safety, Jeff refers to OSHA. Also, some states have more stringent safety requirements. Jeff's safety team drives consistency of practices and training across the footprint of the 21 states where Academy Sports + Outdoors operates. [20:36] Most of Jeff's work is done in Houston but his team gets out in the field periodically on a schedule. Jeff likes to go into the stores and distribution centers. That's where the business occurs. The work at Corporate supports the people who serve and interact with customers. [21:10] RIMS Webinars! Following the success of their recent webinar, HUB International returns for the next installment of their Ready for Tomorrow Series, “From Defense to Prevention: Strengthening Your Liability Risk Management Approach”. That session will be on April 17th. [21:29] Today's guest, Jeff Strege, is a panelist in that session! He's going to talk about it a little bit right after the break. [21:38] On April 24th, RiskConnect returns to deliver “Better Together: The Marriage of Insurable Risk and Business Continuity”. [21:45] Zurich's webinar, “Understanding Third Party Litigation Funding” was rescheduled to May 1st at 1:00 p.m. Eastern. If you were already registered for the original date, you are now registered for the May 1st session with Zurich. [22:09] On May 22nd, GRC, a TÜV SÜD Company, presents their newest session, “Asset Valuations in 2025: Managing Tariffs, Inflation, and Rising Insurance Scrutiny”. [22:22] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [22:33] Let's Return to my Interview with Jeff Strege! [22:46] Jeff will be joining RIMS on the HUB webinar about third-party litigation funding (TPLF) on April 17th, two days after the airing of this episode. Third-party litigation funding is a major issue for RIMS and the profession. [23:08] Academy Sports + Outdoors sees TPLF from time to time in litigated matters, but not often. The HUB webinar is largely focused on rising litigation costs and the rising value of litigated matters. Third-party funding is a driving force of that rise. [23:35] When there's a funding mechanism behind the damages claim by a plaintiff, there are interest obligations with that mechanism, which can be stiff. It does inflate the value of some matters. [24:13] Once Academy Sports + Outdoors learns third-party funding is present in a litigated matter, that's in the front of mind as they evaluate and proceed with trying to conclude the case. [24:32] In the HUB webinar on April 17th, Jeff will be discussing the client's experience, not only with TPFL but also around social engineering. There is a good panel put together for this discussion with varied perspectives that will offer a well-rounded conversation. [24:55] Panelist Bob Tyson of Tyson & Mendes, a defense lawyer in California, has creative approaches to managing and negotiating litigated cases. Panelist John Ferguson, Head of Excess Casualty at Zurich Insurance, brings an insurer's perspective to the webinar. [25:29] Panelist Carol Murphy of HUB is one of the best brokers Jeff has worked with. Jeff is looking forward to sharing the stage with this group, talking about managing claims litigation, prevention, and pre-litigation management. Safety is critical. Jeff will bring that up. [26:02] The link to the webinar is in the show notes. Register today! Registration is complimentary for RIMS members! You'll hear this webinar live with Jeff Strege of Academy Sports, Fred Ferguson of Zurich, Bob Tyson of Tyson & Mendes, and Carol Murphy of HUB. [26:34] Jeff has been involved with RIMS since the mid-1990s when he was with Sysco Foods for the first time and was elevated to the risk management role there. Starting with Houston, Jeff has been involved in various chapters in various capacities. [27:07] RIMS has been an important part of Jeff's career. He's gained solid relationships through RIMS that have yielded business relationships and relationships where he's been able to help others and be helped by them. RIMS will be very important to him as long as he works in risk. [27:51] Jeff was President of RIMS Houston for two years, until January of 2024. He serves on the board as Past President. [28:12] Having moved around the country and having held different roles, Jeff has met risk professionals from many areas. He says RIMS has high-quality chapters all over the country. The four Texas RIMS chapters have a lot of positive energy. [28:47] The chapters are working together with Justin's team in New York to host the first-ever Texas RIMS Regional Conference this August. Jeff is on the planning committee and he's excited about it. [29:04] The RIMS Texas Regional Conference will be held from August 4th through the 6th at the Henry B. Gonzalez Convention Center in San Antonio, on the River Walk, the site of RISKWORLD 2018. San Antonio is Jeff's favorite city in Texas. It's a wonderful host city. [29:30] There is a link in the show notes to the RIMS Texas Regional Conference 2025. Registration will open the week of the airing of this episode! [29:49] Jeff is a RIMS-CRMP holder. He earned that certification in November of 2019. He was excited to see RIMS introduce the certification. What he likes about CRMP is its governance focus. [30:23] Jeff had been doing risk management for a long time. The CRMP website has good sample test questions on it. He decided to work through the test questions several times. Then went and took the exam and scored pretty well, largely based on his experience. [30:48] Jeff says his ERM work over the years was helpful. The RIMS-CRMP is a good designation. Jeff appreciates that RIMS gives CRMP holders opportunities to network. He will continue to carry the designation as long as he is working. [31:09] Mos recertification points are CE-related. Jeff relies heavily on the Houston chapter's offerings and the sessions and seminars at RIMS functions. He appreciates the flexibility in terms of what qualifies, such as participation in broker-sponsored industry education. [31:50] Developing and delivering educational content is a favorite of Jeff's. He has served as Risk Manager in Residence (now Risk Manager on Campus). Jeff tells every risk manager it's amazing and they need to do it at least once. Jeff enjoys education and is always learning. [32:24] Jeff shares his advice for risk professionals. As Boomers in the industry start to retire, it's important to help the industry recruit, train, and young talent. It's a passion of Jeff's. [32:52] There are a few things Jeff would tell young professionals. One is you are the CEO of your career. Your career is your responsibility. Don't wait for a leader to bring opportunities or promotions to you. Be a student of your craft and trade. Set goals with plans to achieve them. [33:20] Jeff has managed his career that way by making strategic moves when it made sense for him to do so. He has no regrets. You're the CEO of your career, all in. Don't wait for others to act on your behalf. Whatever it is, be a student of your craft and seek opportunities to learn. [33:45] Grow your knowledge base, your experience, and your network. Jeff has benefited from RIMS in having a network of people who lean on each other and learn from each other. It's a wonderful thing! [33:58] Be a student of your business, wherever it is. Make connections within it. Seek out mentorships to learn on a broad basis what the business does and what its objectives are. You position yourself more visibly to add more value and to grow. [34:29] Jeff Strege, you have been such an inspiration today. I appreciate you so much for joining us here on RIMScast and being so giving with your time and wisdom! I look forward to seeing you at the first-ever Texas Regional 2025, August 4th through 6th in San Antonio! [34:48] Special thanks again to Jeff Strege for joining us here today on RIMScast! I look forward to seeing him at many RIMS events, including the first-ever RIMS Texas Regional Conference 2025, which will be held from August 4th through the 6th in San Antonio, Texas. [35:05] Register today through the link in this episode's show notes. [35:12] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes. [35:37] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [35:56] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [36:13] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [36:29] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [36:43] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [36:50] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Links: RISKWORLD 2025 — May 4‒7 | Register today! Download the RIMS Events app! Spencer's RISKWORLD Events — Register or Sponsor! RIMS Texas Regional 2025 – August 3‒5 | Advance registration rates are now open. DFW RIMS - 7th Annual Night at the Races / Lone Star Park – April 17, 2025 RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Risk Management magazine RIMS Now The Strategic and Enterprise Risk Center Spencer Educational Foundation — General Grants 2026 — Application Dates Announcement: RIMS and The Institute for Internal Auditors' Strategic Alliance on Education Nominations for the Donald M. Stuart Award [Canada] RIMS Webinars: RIMS.org/Webinars “Ready for Tomorrow? From Defense to Prevention: Strengthening Your Liability Risk Management Approach” | Sponsored by Hub International | April 17, 2025 “Better Together: The Marriage of Insurable Risk and Business Continuity” | Sponsored by Riskonnect | April 24, 2025 “Understanding Third Party Litigation Funding” | Sponsored by Zurich | May 1, 2025 “Asset Valuations in 2025: Managing Tariffs, Inflation, and Rising Insurance Scrutiny” | Sponsored by GRC, a TÜV SÜD Company | May 22, 2025   Upcoming RIMS-CRMP Prep Virtual Workshops: RIMS-CRMP Exam Prep with PARIMA | April 22‒23 Full RIMS-CRMP Prep Course Schedule   Upcoming Virtual Workshops: “Managing Data for ERM” | June 12 | Instructor: Pat Saporito  “Generative AI for Risk Management” | June 26 | Instructor: Pat Saporito See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “Maintaining an Award-Winning ERM Program with Michael Zuraw” “Scenario Planning with the RIMS SERMC” “ERMotivation with Carrie Frandsen, RIMS-CRMP” “Risk Quantification Through Value-Based Frameworks” “Applying ERM Theory with Elise Farnham” “On Risk Appetite and Tolerance”   Sponsored RIMScast Episodes: “Understanding Third-Party Litigation Funding” | Sponsored by Zurich (New!) “What Risk Managers Can Learn From School Shootings” | Sponsored by Merrill Herzog (New!) “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS President Kristen Peed!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Jeff Strege, MBA, ARM, RIMS-CRMP, Sr. Director, Risk Management, Academy Sports + Outdoors   Production and engineering provided by Podfly.  

Many thanks to Jim Reber, CEO of ICBA Securities, for continuing to sponsor the show as well as come on each quarter to shed light on economic news. I know it's a big help to all of us here and to many of you as well. Be sure to register for the webinar he mentions at the end on Enterprise Risk Management. Jeff Rigsby is a great speaker and it'll be worth your time. You can register at https://stifel.zoom.us/webinar/register/WN_rg2hVHJHTWexHS8Jri1wTA#/registration

On this episode of the SeventySix Capital Sports Leadership Show, Wayne Kimmel interviewed Mark Hicks & Clint Hangebrauck from the NCAA. As Managing Director of Enforcement, Hick's primary role involves leading Enforcement's sport and issue-specific relationship and development initiatives, which include sports wagering, NIL, football, basketball, baseball, and track and field. His work involves helping member institutions and conferences navigate complex NCAA regulations while consulting public and private entities as they intersect with the NCAA.Hangebrauck has been the Managing Director of Enterprise Risk Management at the NCAA since January 2022. He has over 14 years of experience at the NCAA, previously serving as the Director of Quality Control in the Enforcement Department for over 8 years. In his current role, Hangebrauck is responsible for overseeing enterprise risk management initiatives for the organization.Mark Hicks:LinkedIn: https://www.linkedin.com/in/mark-hicks-02a4661b6/Clint Hangebrauck:LinkedIn: https://www.linkedin.com/in/clint-hangebrauck-7babb712/

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   Our guest, Kristen Peed, is the Chief Risk Officer of Sequoia, and RIMS 2025 President. Kristen was recently promoted to Chief Risk Officer. She tells about that role and how it differs from her other risk roles.   Kristen speaks of a few of the risks to organizations today. She shares two stories of mentorship from her past and her efforts to provide mentorship today. Kristen shares thoughts about the evolving role of the risk manager and her pathway to the C-Suite for a seat at the table. She discusses the legislative summit, the topic of third-party-funded litigation, and the need for transparency and regulation.   Justin and Kristen discuss how every day is a brand new day for RIMS, what will be celebrated at RISKWORLD 2025, and a couple of new RIMS initiatives you can expect to learn about there. Kristen shares her gratitude to all the RIMS volunteers who make her job as 2025 president possible.   Listen for Kristen's career advancement advice and her final suggestion for growth. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration is open for RISKWORLD 2025! Engage Today and Embrace Tomorrow with RIMS at RISKWORLD from May 4th through May 7th in Chicago, Illinois. Register at RIMS.org/RISKWORLD and the link in this episode's show notes. [:31] About this episode of RIMScast. We will be joined by RIMS President Kristen Peed. [:48] RIMS-CRMP Workshops! The next workshop will be March 19th and 20th. Register by March 12th. As part of our continuing strategic partnership with Purima, we have a two-day course coming up on April 22nd and 23rd. [1:03] Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:10] Virtual Workshops! On March 26th, Pat Saporito will host “Generative AI for Risk Management”. [1:18] On April 16th and 17th, Chris Hansen will lead “Managing Worker Compensation, Employer's Liability, and Employment Practices in the U.S.”. [1:31] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [1:40] RISKWORLD registration is open. Engage Today and Embrace Tomorrow, May 4th through 7th in Chicago. Register at RIMS.org/RISKWORLD. Also, remember there will be lots of pre-conference workshops being held in Chicago just ahead of RISKWORLD. [1:57] These courses include “Applying and Integrating ERM,” “Captives as an Alternate Risk Financing Technique,” “Contractual Risk Transfer,” “Fundamentals of Insurance,” “Fundamentals of Risk Management,” RIMS-CRMP Exam Prep, and more! Links are in the show notes. [2:17] Our guest today is the Chief Risk Officer at Sequoia and the RIMS 2025 President, Kristen Peed. We're going to talk about her risk management career journey, what it took for her to ascend to the level of Chief Risk Officer, and what that means for her organization. [2:38] We will also talk about the power of mentorship, networking, and what's in store for us at RISKWORLD 2025 and throughout the year as we celebrate the 75th anniversary of RIMS. [2:50] Interview! RIMS 2025 President, Kristen Peed, welcome to RIMScast! [3:07] This is Kristen's eighth year on the RIMS Board. It's been an amazing journey! Most of her best friends are RIMS staff members or RIMS members, all over the globe. RIMS is a huge part of her life! Justin joined RIMS almost eight years ago. They have known each other for years. [3:33] Justin shares a memory with Kristen in Halifax. Kristen took part in an impromptu presentation, in the role of a petulant child. [4:06] Kristen wears sneakers; she has branded herself as the sneaker queen. She has stopped counting how many pairs of sneakers she has. [4:34] This year is the 75th anniversary of RIMS. There is a big RISKWORLD in May; its theme is Engage Today and Embrace Tomorrow with RIMS. [4:54] Kristen Peed was recently promoted to Chief Risk Officer of Sequoia. Sequoia has ambitious growth goals, which is one of the reasons Kristen joined it. In her new role, Kristen has oversight of all corporate risks. [5:27] These include enterprise risks, IT risks, security risks, property & casualty risks, and E&O risks. It's overarching. [5:46] Kristen sees there has been a slow transition for risk managers in general, from a transactional, procurement role to a strategic role, where they see opportunities with risk. Where they see places where they can offer value and insight. [6:07] Sequoia is a client-based company. Clients are reaching out to Kristen for help dealing with deep-fake interviews. Kristen looked to the RIMS Board of Directors and Cherise Papadopolo, RIMS VP of DEI, People, & Culture, and got some helpful HR information. [6:48] Kristen was able to provide strategic advice to a Sequoia client's Chief People Officer. It's a perfect example of how RIMS helps risk managers to be viewed as strategic. The RIMS community is part of the reason Kristen was able to take on the role of Chief Risk Officer. [7:13] The role is something Kristen has been preparing for ever since she started as a risk analyst. Every step has been more of a strategic and leadership role rather than being in the weeds doing stuff. The Chief Risk Officer helps navigate and chart the map for the “captain.” [7:55] Kristen's career advancement came both from having a plan and from being seen for her hard work. She has learned to ask for things more. She was fortunate to have some success early in her career and capitalized on it. A new boss provided amazing mentorship for Kristen. [8:41] She asked, “What's the next role for Kristen?” Kristen realized she would like to be considered for a Chief Risk Officer role. Kristen's boss understood her value and wanted to make sure she felt appreciated. Six months later, Kristen was offered the role if she wanted to take it. [9:45] Part of it is making your leadership aware that these titles exist, showing your value, and asking for it. [10:05] One of Kristen's early successes at Sequoia involved using her RIMS network to put together a presentation on using surplus funds from the captive PEO insurer to fuel additional risk management activities. Leadership was excited and Kristen implemented it right away. [11:03] Another success was the consolidation of insurance programs. Sequoia had grown quickly and had renewal dates in different places. Kristen showed her market savvy and leveraged her relationships with carriers to bring down some initial premium costs. [12:00] Kristen says that putting the C-level title on a risk officer differentiates it. When she partners with the CISO or the Chief Data Officer, they are on equal footing. The C-level carries more weight. It also helps carriers in the marketplace see her as being in company leadership. [12:42] When Kristen meets with underwriters and carriers, they have a greater sense of comfort knowing she has a seat at the table and understands the direction of the company and how to mitigate against risk before it hits insurance. [13:01] Plug Time! RIMS Webinars! On March 13th, our friends from Global Risk Consultants will return to discuss “How to Make Your Property Insurance Submission AI-Ready”. [13:15] On Wednesday, March 26th at 2:00 p.m. Eastern Time, members of the RIMS Strategic and Enterprise Risk Management Council will extend the dialog that began in the recent RIMS Executive Report “Understanding Interconnected Risks”. [13:30] On Thursday, March 27th, Descartes Underwriting will make its RIMS Webinar debut with a session about parametric insurance. On April 3rd, join Zurich for “Understanding Third-Party Litigation Funding”. [13:43] On April 10th, Audit Board will present, “What CISOs Want Risk Executives to Know About Cyber Risk in 2025”. [13:51] Following the success of their recent webinar, HUB International returns for the next installment of their Ready for Tomorrow Series, “From Defense to Prevention: Strengthening Your Liability Risk Management Approach”. That session will be on April 17th. [14:07] On April 24th, RiskConnect returns to deliver “Better Together: The Marriage of Insurable Risk and Business Continuity”. [14:40] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [14:26] Let's Return to Our Interview with RIMS 2025 President Kristen Peed! [14:37] As a follow-up to the RIMScast episode with Mark Prysock on RIMS's legislative priorities, Kristen talks about third-party-funded litigation. It affects risk managers, carriers, and brokers because of premium pricing. [15:06] It's necessary to have transparency around third-party-funded litigation and eliminate the ability of foreign entities to fund and profit from it. The concern is around nuclear verdicts that are detrimental to the industry as a whole. [15:39] Nuclear verdicts will impact pricing, not only for that one company but for all risk managers. These verdicts are not sustainable. We need transparency. We want Congress to act upon this. We can all get behind this. Kristen doesn't think this is a partisan issue. [15:58] Being able to partner with our carriers and brokers to have a strong message on the Hill is critical to the success and continuation of our industry. [16:08] Time and money are finite resources. There is no bottomless pit of money. [16:30] Kristen will soon be going to Capitol Hill with fellow risk practitioners for the RIMS Legislative Summit. [16:43] Kristen got involved in legislative advocacy after getting a mailer for the Legislative Summit. She attended and met the staff, including Robert Cartwright. She saw It was an amazing platform for risk managers to have their voices heard by the people they elect. [17:17] The RIMS Legislative Summit is one of Kristen's favorite annual events. It can be so impactful to the community as a whole. It will be March 19th and 20th. This is your last chance to register for it. Prepare for the trip to D.C. [17:54] March is Women's History Month. Kristen says she was lucky to have some key female leaders placed in her life at critical moments, that helped her down this path. [18:15] At CBIZ, Nancy Mallard was the GC for CBIZ's Benefits and Insurance Division. She was the first female chair of the CIAB (The Council). Kristen saw Nancy's leadership throughout the years in the industry. Kristen used her great example to figure out how to get involved at RIMS. [19:15] Kristen's new boss, Kathy Ross, is amazing. She's been a great advocate for Kristen and it has been awesome to learn from her how to elevate her leadership skills. Kristen feels blessed to have had these two impactful women in her life. [19:47] Sequoia's culture is paramount to its people. One of its service commandments is “Be of extraordinary value to others.” Sequoia's mission is “Coming through for others that put their trust in us.” Kristen takes these values to heart, whether in mentoring or calling on the phone.  [20:39] Kristen looks at how she can help create career paths for people and develop them, at Sequoia and in the risk community, as well. Kristen brings together interns and “externs” from other companies and stays in touch with them. She always asks them to pay the help forward. [21:35] Plug Time! Kristen Peed was a board member of the Spencer Educational Foundation. [21:41] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [21:59] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. [22:13] Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. General Grant awardees are typically notified at the end of October. Learn more about Spencer's General Grants through the Programs tab of SpencerEd.org. [22:31] Spencer has several events lined up before and during RISKWORLD 2025. On May 3rd, there's the Spencer-CNA Pickle Ball Social, on May 4th, the Spencer-Gallagher Golf Tournament, on May 5th, the Spencer Soiree, and on May 6th, the Spencer-Sedgwick 5K Fun Run. [22:51] You can register for or sponsor any of these through the links on this page or by visiting SpencerEd.org/riskworld2025. [23:00] The Conclusion of My Interview with RIMS 2025 President, Kristen Peed! [23:27] Kristen's theme for her presidency is Brand New Day. Every day is a brand new day of risks. Every day, new risks are popping up. Whether AI, advancements in cyber threats, wildfires, or climate change, everything is changing. [24:12] It's a brand new day for risk managers. We have to be more nimble and strategic. That means it's a brand new day for RIMS. It's about how RIMS is going to support us in this moment and also as we move into the future, making sure we stay relevant for the next 75 years and on. [24:41] A new track, Alternative Risk Transfer, highly focused on captives, is being presented at RISKWORLD 2025. This is something risk managers have been asking to learn more about. It's part of the strategic conversation; how do you start to offer value back to your company? [25:09] How do you more strategically look at risk from a long-term perspective? That dovetails with Enterprise Risk Management. RIMS ERM content is relevant and has evolved over time. Captives will continue to be a value-generating part of the profession. [26:06] The 75th anniversary of RIMS is special for Kristen because it shows that RIMS has come so far. This year, RIMS is launching the RIMS Foundation to create opportunities for early-career students. That's the critical time to help them stay in the profession. [26:47] The RIMS Foundation will provide them with opportunities for growth, learning, and networking. This is a graying industry. We need to attract the next generation of talent to the industry and fill the pipeline with lots of people to backfill when current risk professionals retire. [27:21] Also in 2025, RIMS has a brand new Texas regional conference from August 4th through the 6th, on the San Antonio River Walk. People are reaching out to Kristen to submit sessions. It's exciting to see all the buzz around that conference. [28:35] Kristen's concludes: “Never quit learning. In my role, I've been doing this for two-plus decades, but I learn something new every day. When I took the RIMS-CRMP, I learned even more. It's the only risk management credential accredited by ANSI. Go and get your RIMS-CRMP.” [28:56] “It is one of the best educational opportunities you will have to demonstrate your proficiency and excellence and show your senior leadership team that you have the skills to elevate and provide strategic direction to your company.” [29:18] Justin notes that later this year, you can look for a RIMS-CRMP story, featuring RIMS 2025 President Kristen Peed. [29:23] Kristen, it is such a pleasure to see you! I'm so happy that you're our president this year and I'm happy for your continued success. I look forward to being able to celebrate with you in May at RISKWORLD 2025! [29:35] Kristen says she is honored to lead RIMS this year but it wouldn't be possible without all the other volunteer risk professionals around the world, all our chapter leaders, all committee members, and all our council volunteers. [29:53] Kristen wants to thank everybody who donates their time and energy to making RIMS so relevant and future-thinking. I could not do what I do without your support. [30:10] Special thanks again to RIMS 2025 President, Kristen Peed. Be sure to catch her at RISKWORLD 2025. She will have a presence on the main stage and during many of the ceremonies. Be sure to register for RISKWORLD 2025 at RIMS.org/riskworld. [30:23] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes. [30:48] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [31:05] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [31:21] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [31:35] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [31:48] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [31:54] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RISKWORLD 2025 — May 4‒7 | Register today! RIMS Legislative Summit — March 19‒20, 2025 Nominations for the Donald M. Stuart Award [Canada] Spencer Educational Foundation — General Grants 2026 — Application Dates Spencer's RISKWORLD Events — Register or Sponsor! RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Risk Management magazine RIMS Leadership Corner — Featuring Kristen Peed RIMS Webinars: RIMS.org/Webinars “How to Make Your Property Insurance Submission AI-Ready” | Sponsored by Global Risk Consultants, a TÜV SÜD Company | March 13, 2025 “Understanding Interconnected Risks” | Presented by RIMS and the Strategic and Enterprise Risk Management Council | March 26, 2025 “Parametric Insurance and Climate Risk: An Innovative Tool for CAT Risk Management” | Sponsored by Descartes Underwriting | March 27, 2025 “Understanding Third-Party Litigation Funding” | Sponsored by Zurich | April 3, 2025 “What CISOs Want Risk Executives to Know About Cyber Risk in 2025” | Sponsored by Auditboard | April 10, 2025 “Ready for Tomorrow? From Defense to Prevention: Strengthening Your Liability Risk Management Approach” | Sponsored by Hub International | April 17, 2025 “Better Together: The Marriage of Insurable Risk and Business Continuity” | Sponsored by Riskonnect | April 24, 2025   Upcoming RIMS-CRMP Prep Virtual Workshops: RIMS-CRMP | March 19‒20 | Register by March 12 RIMS-CRMP Exam Prep with PARIMA | April 22‒23 Full RIMS-CRMP Prep Course Schedule   Upcoming Virtual Workshops: “Generative AI for Risk Management” | March 26 | Instructor: Pat Saporito “Managing Worker Compensation, Employer's Liability and Employment Practices in the U.S.” | April 16‒17 | Instructor: Chris Hansen See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “Kicking off 2025 with RIMS CEO Gary LaBranche” “RIMS Legislative Priorities in 2025 with Mark Prysock” “(Re)Humanizing Leadership in Risk Management with Holly Ransom” (RISKWORLD Keynote) “Risk and Relatability with Rachel DeAlto, RISKWORLD Keynote” “Risk and Leadership Patterns with Super Bowl Champion Ryan Harris” (RISKWORLD Keynote)   Sponsored RIMScast Episodes: “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Kristen Peed, Chief Risk Officer at Sequoia and the RIMS 2025 President   Production and engineering provided by Podfly.  

Justin Kollinger, Senior Risk Management Consultant at United Educators (UE), brings valuable perspective in helping colleges and universities develop strategic risk initiatives. As co-author of "Risk Management: An Accountability Guide for University and College Boards" and creator of UE's annual Top 10 Risks report, Kollinger works with institution leaders to develop strategic risk initiatives, prioritize risk management goals, and launch enterprise risk management programs. Higher Ed's Current Risk & Liability Environment The higher education sector faces what United Educators calls "social inflation" - increases in insurance costs above regular inflation. This trend is driven by: Increased third-party litigation financing Growing recruitment of plaintiffs to bring cases Rising defense costs Higher settlements and awards Top Risks in Higher Education McNaughton and Kollinger discuss these top risks revealed in the UE's annual survey: Enrollment Data Security Operational Pressures Recruitment and Hiring Regulatory and Legal Compliance Student Mental Health Funding Facilities and Deferred Maintenance Public Safety Three-way tie: General Premises Safety Title IX Political and Societal Pressures Notable findings include the consistency of the top seven risks over the past three years despite 2024's tumultuous environment. Surprisingly, climate change and environmental risks did not make the top ten despite increasing natural disasters affecting campuses nationwide. Enterprise Risk Management in Higher Education Dr. McNaughton noted that only about 5% of institutions have formalized risk management programs. Both experts emphasized that when creating strategic plans, institutions must include risk management planning, or they leave themselves exposed. Risk management should distinguish between: University Level: Risk management and identification Board Level: Risk oversight and appropriate questioning Data Security Challenges The conversation highlighted growing concerns about data security: Rising costs for data breach coverage Need for centralized IT management Growing sophistication of phishing attempts with AI Importance of comprehensive security training Three Takeaways for University Presidents and Boards Culture of Risk Management ("Cool Head, Warm Heart") Manage risk with thoughtful foresight and consistent policies Show care to your community before, during, and after incidents Focus on building trust through demonstrated care and communication Elevate Your Risk Manager Risk managers often know everything happening on campus They have unique problem-solving tools They should be positioned as strategic contributors If you don't have a risk manager, get one Use Third-Party Experts Take advantage of insurer resources (like UE's checklists and online courses) Utilize insurance broker resources Access association resources and experts Remember these experts are part of your support ecosystem Kollinger's insights emphasize that while establishing risk management programs may seem daunting, having basic frameworks in place can help institutions better prepare for and respond to various challenges. His message underscores the importance of both strategic thinking and demonstrated care in building effective risk management programs. The changing landscape of higher education requires leaders to remain vigilant in their approach to risk management, making it an essential component of institutional strategy and governance. #HigherEducation #HigherEducationRiskManagement #HigherEducationPodcast Read the transcript on our website: https://changinghighered.com/top-risks-in-higher-education-erm-programs/ Links to Resources: UE's Top Risks Report: Insights for Higher Education  UE's Large Loss Report (featuring settlements over $2.5 million) Risk Management: An Accountability Guide for University and College Boards (AGB) Enterprise Risk Management In Higher Ed Part 1: An Overview of the Planning Process Enterprise Risk Management in Higher Ed Part 2: Risk Planning and its Critical Role in Higher Education Enterprise Risk Management in Higher Ed Part 3: Risk Oversight and the Board's Role in Higher Education Risk Management Strategic Risk Planning to Chart Higher Ed's Course in Turbulent Times What is Enterprise Risk Management in Higher Education?     About Our Podcast Guest Justin Kollinger serves as Senior Risk Management Consultant at United Educators, an education-owned liability insurance carrier serving 1,500 institutions across the country. In his role, Justin advises college and university leaders as they develop strategic risk initiatives, prioritize risk management goals, and launch or refresh enterprise risk management (ERM) initiatives. He co-authored Risk Management: An Accountability Guide for University and College Boards, published by AGB Press, and creates reports and tools to help United Educators' members address their top risks, including risks relating to enrollment and student life. Risk & Insurance recognized Justin as one of its Risk All Stars in 2023, and Justin has previously worked in enrollment at two private institutions in the Mid-Atlantic and as a consultant to community college presidents and independent heads of school. Connect with Justin Kollinger on LinkedIn → About the Podcast Host Dr. Drumm McNaughton is the founder, CEO, and Principal Consultant at The Change Leader, Inc. A highly sought-after higher education consultant with 20+ years of experience, Dr. McNaughton works with leadership, management, and boards of U.S. and international institutions. His expertise spans key areas, including accreditation, governance, strategic planning, presidential onboarding, mergers, acquisitions, and strategic alliances. Dr. McNaughton's approach combines a holistic methodology with a deep understanding of the contemporary and evolving challenges facing higher education institutions worldwide to ensure his clients succeed in their mission. Connect with Drumm McNaughton on LinkedIn→  

Mastering Enterprise Risk Management with Steven Lustig, Lustig Global Solutions (North Fulton Business Radio, Episode 843) In this episode of North Fulton Business Radio, host John Ray interviews Steven Lustig from Lustig Global Solutions. The discussion delves into the critical importance of enterprise risk management (ERM) for small and medium-sized businesses. Steven shares his extensive […] The post Mastering Enterprise Risk Management with Steven Lustig, Lustig Global Solutions appeared first on Business RadioX ®.

Mastering Enterprise Risk Management with Steven Lustig, Lustig Global Solutions (North Fulton Business Radio, Episode 843) In this episode of North Fulton Business Radio, host John Ray interviews Steven Lustig from Lustig Global Solutions. The discussion delves into the critical importance of enterprise risk management (ERM) for small and medium-sized businesses. Steven shares his extensive […]

Dawn Walker is an associate director, Industry Relations (DUAE) in AM Best's Strategy and Communications department. Dawn has more than 15 years of insurance industry and risk management experience, and joined AM Best in 2022, initially serving as a senior financial analyst, conducting performance assessments for Delegated Underwriting Authority Enterprises.  Previously, Dawn as a senior risk management analyst at MacAndrews & Forbes Inc., a global mergers and acquisitions firm in New York City. She also previously served as a senior account executive for Alliant Insurance Services, serving its ultra-high net worth book of business.  Dawn received her MBA degree with a concentration in Enterprise Risk Management at St. John's University. She graduated Cum Laude earning a Bachelor of Law degree from the University of Arizona. She holds a Property & Casualty and Life & Health Broker's license, has earned an Associate in Risk management (ARM) designation and is actively pursuing a Charter Property Casualty Underwriter's designation. Highlights from the Show AM Best is known for many things, but mainly for the assessments and ratings they perform on players across the insurance industry. For the Delegated Underwriting Authority Enterprise (DUAE) space in particular, they are bringing transparency to help drive continued growth not only of the DUAE segment, but the product innovation that goes on within it. The level of growth in the delegated underwriting authority space has been huge, getting to $77B in the US alone, and making up 10% of the P&C market globally. The key areas they look at when assessing DUAEs includes Operations, UW Capabilities, Governance and Controls, Financials and Corporate Structure. This analysis helps bring transparency to the sector to help facilitate partnerships while also giving DUAEs a blueprint for how to optimize their operations for growth, stability and, ultimately, success Why do insurers work with Delegated Underwriting Authority Enterprises (DUAEs), like MGAs and MGUs? Can't they just compete in the market directly? DUAEs bring expertise in niches and market segments that incumbent carriers may not be able to build efficiently given their scale, and the relative size of these niches being too small to support the operational cost of a carrier. DUAEs often come with expertise and distribution in the segment, allowing carriers working with them to access new spaces efficiently, quickly and profitably. What can support or stand in the way of the success of a Delegated Underwriting Authority Enterprises (DUAEs), like MGAs and MGUs? AM Best performs assessments of these entities to bring transparency to key success factors insurers would look at when deciding whether to work with a DUAE or not. This episode is brought to you by The Future of Insurance thought leadership series, available globally from Amazon in print, Kindle and Audible audiobook. Follow the podcast at future-of-insurance.com/podcast for more details and other episodes. Music courtesy of Hyperbeat Music, available to stream or download on Spotify, Apple Music, and Amazon Music and more.

Dr. Karen Hardy speaks with Clio Grillakis about the practice of Enterprise Risk Management within the CHiPs Semiconductor Manufacturing Program at the National Institutes of Standards and Technology (NIST). *An interview clarification: "the United States produces 10% of all semiconductors, not just leading-edge semi-conductors."

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Carrie Frandsen, the ERM Director of the University of California and a RIMS-CRMP Commissioner. Justin and Carrie discuss all things ERM. In particular, Carrie explains the purposes of ERM, what constitutes success in an ERM Program, and how to start an effective ERM Program in your organization.   Listen for ideas on fitting ERM into your organization's daily processes and decision-making, with resources to set you on the path to ERM success. Key Takeaways: [:01] About RIMS. [:14] Public registration for RISKWORLD 2025 is now open! RIMS wants you to engage today and embrace tomorrow in Chicago from May 4th through May 7th! Register at RIMS.org/RISKWORLD and the link in this episode's notes. [:30] About this episode, coming to you from RIMS headquarters in New York. We will be joined by Carrie Frandsen, for some ERM motivation. She is the system-wide ERM Director for the University of California and a RIMS CRMP Commissioner. [:58] The next RIMS-CRMP Exam Prep Virtual Workshop will be held on December 17th and 18th. [1:09] On February 19th and 20th, there is a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:27] The next RIMS-CRMP-FED Exam Course will be held from February 4th through the 6th, 2025. Links to these courses can be found on the Certification page of RIMS.org and through this episode's show notes. [1:42] RIMS Virtual Workshops! Gail Kiyomura of The ART of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. [1:57] We've got ERM on our minds. On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito, starting on March 12th, 2025. [2:18] A link to the full schedule of virtual workshops can be found through the RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:29] Interview! Our guest today is one of the most enthusiastic people I know on the topic of ERM! She is Carrie Frandsen, the system-wide ERM Director of the University of California. She's also a RIMS CRMP Commissioner. [2:48] Carrie is here to talk about all things ERM. Whether you want to build a program from the start or you want to enhance an existing program, this is the mind that you want to tap into! We are thrilled that she's here. Let's get to it! [3:03] Carrie Frandsen, Welcome to RIMScast! [3:13] Carrie says she is a true ERM geek! With enterprise risk management you need the ability to think organization-wide. [3:25] Not just to think organization-wide but you need to be able to think about the world and how things that are changing in the world, like politics, economics, and sociological changes, impact your organization. Then you have to get other people excited about that. [3:42] You need to be able to partner with people inside your organization, like internal audit, compliance, and health and safety, all the different groups that are second-line, and help them get excited about building an enterprise-wide view of risks across the organization. [4:03] Once you've got your second line of defense, you can build that risk committee to democratize risks across the organization. Everybody can see the risks in their silo and how things impact each other across different units. [4:36] Carrie says the primary goal of enterprise risk management is to enhance an organization's ability to anticipate and mitigate risks effectively while maximizing those opportunities for value creation. [4:49] ERM helps organizations make more risk-informed decisions. It helps improve resilience and removes obstacles to achieving strategic objectives. [5:06] ERM is part of the governance and management of an organization. Know what could impact you from outside the organization as well as things that are changing in your policies, procedures, and processes. Make sure those are effective to continue achieving your objectives. [5:37] ERM can provide an early warning on risks and the effectiveness of controls. When you're using ERM in decision-making, it can help you to challenge assumptions before decisions are made. It can help you to set the frame for the decision and help you consider the alternatives. [6:02] ERM can help you ensure that appropriate actions are taken to reduce your risks. It helps the organization to learn and adapt. [6:14] Healthcare organizations do root cause analysis, a good risk assessment technique to figure out how to make negative outcomes not happen again. There are a lot of risk assessment techniques that can help you, depending on the situation your organization is working on. [6:42] Culture is how things are done. A risk-aware culture is essential for a successful ERM implementation. It fosters an environment where risk is openly discussed and employees feel comfortable in identifying and reporting potential risks without fear of repercussions. [7:08] This allows organizations to address issues proactively before they escalate. If you have a risk-aware culture, risks and risk assessments are integrated into decision-making and risk is considered at all levels of decision-making from strategic planning to operational activities. [7:29] This helps to ensure that risk is a key factor in every management decision. Employees can take ownership of risk management. [7:38] The University of California has a motto: “ERM means Everyone's a Risk Manager.” Individuals doing their day-to-day work in their area of expertise are the ones who know best what their risks are and how to manage their risks. [7:58] Our role as risk managers is to support these employees by giving them training in ERM, and risk assessment tools, and letting them talk to other people about risks that may impact them that aren't in their area. That distributed approach enhances the effectiveness of ERM. [8:18] A risk-aware culture promotes continuous learning where lessons from past incidents are shared and used to improve future risk management practices. [8:36] At the top level of ERM are the board and leadership. They set the tone for the organization's risk culture. They need to understand the dynamic risk environment in which the organization operates. They need to know of rising risks so they can make good decisions. [9:06] At the day-to-day level, where the work happens, is the risk owner. That's the person with the accountability and authority to manage that risk. [9:18] The business unit level is where risk management and control processes take place. An organization's risk is inseparably connected to its objectives. The responsibility for managing risk can't lie with anyone other than the person who's responsible for achieving those objectives. [9:36] Good risk management is everybody's responsibility. What does the Risk Manager do? The risk leader provides the infrastructure, tools, coaching, leadership, and resources. [10:08] Resources can be anything from software to workshops to all sorts of things to help people identify, manage, monitor, and report on the risks. [10:20] Risk managers can champion a risk-intelligent culture across the organization. Risk-intelligent culture is a term coined by Deloitte in a white paper. [10:46] Risk managers are the ones who champion the integration of ERM into existing policies, structures, and processes. They get the risk committees going, they make sure that the issues get escalated to leadership, and that policies, procedures, and controls are improved. [11:07] Risk Managers facilitate proactive risk thinking. They conduct risk sensing and report on emerging risks. An ERM person is a generalist. They don't manage a particular area but check in with everybody about rising risks and report that information. They have people tracking risks. [11:55] We have a new political landscape and changes in society. There are always new health issues arising. As long as there's somebody in an organization paying attention to conditions, the ERM person's role is to make sure those things get considered at the leadership level. [12:19] A Risk Manager can provide a structured discipline for the consideration of risk in decision-making. They can lead risk workshops. They can make sure a risk-assessment process is built into regular management meetings. They can support risk-mitigation activities. [12:46] Risk Managers can support mechanisms to provide timely risk information to decision-makers. [12:54] Plug Time! RIMS Webinars! Hub International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [13:14] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [13:25] RIMS is now accepting nominations for all awards other than Risk Manager of the Year 2025. The submission deadline is Monday, January 6th, 2025. To receive a RIMS award, all winners must be active members and in good standing. [13:45] These awards are the Diversity, Equity, and Inclusion Chapter Leadership Award, the Harry and Dorothy Goodell Award, the Volunteer of the Year “Heart of RIMS” Award, the Richard W. Bland Memorial Award, the Chapter of the Year Award, the Rising Risk Professional Award, the Risk Management Hall of Fame, and the Cristy Award. [14:23] You can find more information about the awards through the About Us page of RIMS.org or the link in this interview's show notes. [14:31] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [14:43] Back to the Interview about all things ERM with Carrie Frandsen!  [15:01] For ERM success, you need to have a framework for taking the steps to integrate risk management more into your existing activities and functions. Organizations are already managing risk. ERM gets more people to consider and talk about risk in their decision-making. [15:34] ERM success factors include strong leadership buy-in, a culture of risk awareness, and open communication. [15:45] When you're getting started, you want to develop a clear ERM vision. Start where you are and build your business case and your implementation roadmap. [15:58] Your implementation roadmap starts with a gap analysis between what you are doing well with risk management and where you can make improvements. The vision is what you see in five years of doing X. [16:17] Based on those areas where you want to improve your ERM approach, you build your business case and lay out your implementation roadmap. Bring it to your leadership and that improves your leadership buy-in. [16:32] Then you need to define your enterprise risk management roles and accountabilities. They're often straightforward. The person in charge of an area is the risk owner of that area. Just take the time to define those roles. [16:50] Sometimes when you map out risk accountabilities, you see that for some enterprise risks, there's not one person who's responsible for it because it covers a few areas or reaches across the whole organization. [17:08] The pandemic was a good example of that. It doesn't fit in any one area of responsibility. Building accountability for things that go across areas is always a challenge. [17:21] Consider how you will develop your risk assessment and mitigation resources for risk owners. What are they already doing and what tools do they need? That's where you engage those risk owners and work directly with them to provide them with resources. [17:40] Make ERM an integral part of your operational processes and decision-making. Look at your existing processes and meetings to see where you can build risk assessment into them. You can't be everywhere. You want to build that in as a normal part of processes. [18:04] Ensure that the organization and its people are regularly monitoring risks and learning from those experiences. [18:21] As you get started with ERM, get your hands on some material and read about enterprise risk management. Get some familiarity with it. You want to become a trusted advisor and be that ERM expert as much as you can. [18:44] To begin doing ERM, engage leadership, risk owners, and your second line of defense. Start doing your gap analysis which starts with conversations. Ask leadership what they hope and expect from enterprise risk management. [19:03] When talking with leadership, you generally want to work to become a trusted advisor. You want to focus on the biggest risks. Ask people what they care about and what they're working on. That will help inform assessing your organization's current ERM capabilities. [19:24] In your ERM plan, figure out how to integrate ERM into strategic decision-making and everyday management actions. Identify where, when, and how, key decisions are made. Work to embed risk assessment into those decision-making activities. [19:47] Carrie suggests using a decision quality chain. Form a risk committee. Risk committees facilitate the identification, analysis, and mitigation of risks. You want people that are at the director level and the same reporting level. [20:09] You want a representative from every area for an enterprise-wide view. You want a good forum where people can bring up their issues or concerns, build a shared understanding of the organization's risks, and provide recommendations to leadership on significant issues. [20:35] Effective risk governance depends on timely and relevant risk information so your exposures can be monitored and managed. Information needs to be communicated to the right people at the right time and in the right ways for people to make risk-informed decisions. [21:02] Carrie recommends using new ERM material. In addition to ISO 31000, ISO recently published Risk Management — A Practical Guide that helps with the steps of implementing ERM. Norman Marks has a helpful blog and wrote a book, World-Class Risk Management. [21:43] Carrie used World-Class Risk Management as an assignment in her ERM Certificate program classes through UCLA Extension. She teaches the first two classes, The Foundations of Enterprise Risk Management, and The Designing and Implementing an ERM Program. [22:16] Carrie's partner Carol teaches the Advanced Techniques class. [22:33] The ERM Certificate Program aligns with the RIMS-CRMP so that once you've taken all the classes, you're well-positioned to sit for and pass the RIMS-CRMP. [22:47] Special thanks to Carrie Frandsen for joining us. A link to her ERM Q&A interview from 2021 is in this episode's show notes. Many of the resources she mentioned are in the show notes as well as links to RIMScast and RIMS Risk Management Magazine coverage of ERM. [23:11] As always, visit RIMS Risk Management Magazine at RMMagazine.com. [23:17] Next week, our 2024 Finale will feature an interview with the editors of RIMS Risk Management Magazine, Morgan O'Rourke and Hillary Tuttle. [23:26] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [24:13] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [24:32] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [24:48] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [25:03] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [25:11] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS DEI Council RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla!  Nominations open for RIMS 2025 Awards! (Through Jan. 6, 2025) Nominations for the Donald M. Stuart Award “ERM Q&A with Carrie Frandsen: ERM at the University of California System” RIMS Webinars: RIMS.org/Webinars “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025 Upcoming Virtual Workshops: “Stay Competitive with the RIMS-CRMP” | Presented by the RIMS Greater Bluegrass Chapter February 19‒20, 2025 | Instructor: Chris Mandel “Applying and Integrating ERM” | Feb. 26‒27 “Managing Data for ERM” | March 12, 2025 “Captives as an Alternate Risk Financing Technique” | Dec. 17‒18 “Fundamentals of Insurance” | Feb. 19‒20, 2025 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “Risk Quantification Through Value-Based Frameworks” “Live from the ERM Conference in Boston!” “Maintaining an Award-Winning ERM Program with Michael Zuraw” “Applying ERM Theory with Elise Farnham” “On Risk Appetite and Tolerance” “Big Shifts with John Hagel, RIMS ERM Conference Keynote” “Contract Review's Role in Risk Management”   Sponsored RIMScast Episodes: “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor (New!) “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Carrie Frandsen, Systemwide Enterprise Risk Management Director, University of California RIMS-CRMP Commissioner (and RIMS-CRMP holder) ERM Certificate Program at UCLA Extension   Social Shareables (Edited For Social Media Use): You need to be able to partner with people inside your organization, like internal audit, compliance, and health and safety, all the different groups, and help them get excited about building an enterprise-wide view of risks across the organization. — Carrie Frandsen   The primary goal of enterprise risk management is to enhance an organization's ability to anticipate and mitigate risks effectively while maximizing those opportunities for value creation. — Carrie Frandsen   A risk-aware culture promotes continuous learning where lessons from past incidents are shared and used to improve future risk management practices. — Carrie Frandsen   As you get started with ERM, read about enterprise risk management. Get some familiarity with it. You want to become a trusted advisor and be that ERM expert as much as you can. — Carrie Frandsen   Effective risk governance depends on timely and relevant risk information so your exposures can be monitored and managed. Information needs to be communicated to the right people at the right time and in the right ways. — Carrie Frandsen  

Hear from Pedro Morales, the Director and Global Head of AML/Sanctions Compliance at Google, about AI, cyber threats, fraud, third-party risk, regulation and other complex operational resilience obstacles, trends and risks. The Federal Reserve defines operational resilience as the ability to deliver operations, including critical operations and core business lines, through a disruption from any hazard. In an interconnected world rife with volatility and uncertainty, there are certainly a plethora of hazards that can disrupt a business, and managing operational resilience is therefore a daunting task. At financial institutions, the operational resilience umbrella covers everything from AI, geopolitical threats and cyber risk to fraud, money laundering, IT outrages, third-party risk and disaster recovery. Indeed, on any given day, an operational resilience leader could have to contend with, for example, a cyberattack, an AI threat, a money-laundering scheme, or the fallout from a natural disaster or from wars in Eastern Europe and the Middle East. Governance and regulatory obstacles, moreover, also come with the job. With so many different problems to contend with, there's not necessarily a one-size-fits-all approach for operational resilience. But a manager must stay on top of trends and be aware of all potential risks, while also following best practices – all as part of an effort to withstand, adapt and recover from disruptive events. *The views expressed by our guest speaker, Pedro Morales, are his alone and do not necessarily reflect those of his employer. Relevant Links: GARP Benchmarking Initiative Risk Intelligence: Operational Risk   Speaker's Bio Pedro Morales is the Director and Global Head of AML/Sanctions Compliance for Google. He previously served as Google's Global Head of Enterprise Risk Management for Payments, and has also worked in various leadership roles at the Federal Reserve Bank of New York, where he supervised large banks.

James Pruitt is the Vice President of Risk Management for GFL Environmental and is responsible for the risk management strategy, insurance and captive programs, claims management, and Enterprise Risk Management across North America. He joined GFL in the Fall of 2021 and served as a consultant to the CFO in a risk management capacity from 2018 to 2021. Prior to joining GFL, James was the Vice President of Private Equity Strategy at Risk International, where he was responsible for new business creation within the Private Equity space and led all due diligence strategy and program optimization engagements across the portfolios. He specializes in insurance due diligence, carve-out program creation, and risk management department implementation. James holds an MBA from Indiana University's Kelley School of Business and a BBA in International Finance from the University of Akron. Today on In The Know, Chris Hampshire and James discuss private equity risk management and due diligence as well as unique exposures in the environmental risk management space.    Key Takeaways   James's initial exposure to risk management eventually led to his career of building out and formalizing an entire program. The exposures of private equity risk management and variations from traditional programs. Exciting and rewarding opportunities unique to the private equity space. Private equity can be the “perfect” model for program efficiency. Major constraints of private equity programs. Key considerations when accepting a new and different role. Who you work with makes all the difference in the success of any position. James highlights the process of assembling a new risk management program. The current state of unique exposures in the environmental risk management space. A strategic five-year look at the future of the insurance industry. James shares practical advice to his early career self.   Quotes “The private equity world is definitely different from either stand-alone public or private companies.” “The one factor I always weigh first is who I would be working with.” “The goal for everyone on my team is to make sure you have a conversation with at least one person every day about risk management.” “It takes a long time with a lot of renewals and bumps along the way to make sure that you don't duplicate those errors along the way.” “At the end of the day, people are really there to foster relationships.”

David Crapo and Bethany Corbin discuss enterprise risk management for health care organizations, with a particular focus on cybersecurity. They cover the sources of cyberattacks on health care organizations, risks involving third-party vendors, strategies for minimizing cybersecurity risks, legal requirements, different stakeholder responsibilities, dealing with cybersecurity breaches, and legal and regulatory trends. David is co-editor, and Bethany is co-author, of AHLA's Enterprise Risk Management for Health Care, Fourth Edition. From AHLA's Hospitals and Health Systems Practice Group.Watch the conversation here.To learn more about AHLA and the educational resources available to the health law community, visit americanhealthlaw.org.

  Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Trisha Sqrow, of Marsh Advisory, and our Council Vice-Chair 2024, Suzanne Christensen, of Franklin Templeton Investments, and making his debut on RIMScast is Karthick Dalawai, of Penn Mutual Life Insurance Company. Karthick, Suzanne, and Trisha discuss value-based frameworks in terms of benefits, their experience with them, and value metrics. They share the concept of a value-based Enterprise Risk Management (ERM) framework to align risk management activities with the creation of shareholder value. They mention risk quantification methodologies to assess financial and non-financial risks. They explain the use of scenario analysis to tailor risk management practices to your organization's risk appetite and objectives and give ideas on how to get buy-in from the boardroom. Listen in for ways to implement a value-based ERM framework in your organization.   Key Takeaways: [:01] About RIMS. [:15] About this episode. From RIMS headquarters in New York, we will be joined by three members of the RIMS Strategic and Enterprise Risk Management Council to discuss risk quantification through a value-based framework. [:43] The RIMS ERM Conference 2024 will be held on November 18th and 19th in Boston. Opening keynote speaker John Hagel recently appeared here on RIMScast. Register at RIMS.org/ERM2024. [:58] We will talk about everything from RMIS and AI to D&O, ESG, the SEC, and various other acronyms. If you are a RIMS-CRMP holder, you can earn recertification points by attending the RIMS ERM Conference 2024! [1:16] For those of you interested in studying for the exam, a pre-conference workshop will be held on-site on November 16th and 17th. Register now; a link is on this page! [1:30] The next RIMS-CRMP Exam Prep will be held with Purima virtually on November 14th and 15th. The next RIMS-CRMP-FED Exam Course will be hosted along with George Mason University from December 3rd through the 5th. [1:45] Links to these courses can be found on the Certifications page of RIMS.org and through this episode's show notes. [1:53] RIMS Virtual Workshops! Elise Farnham of Illumine Consulting recently joined us here on RIMScast. On December 4th and 5th, she will host Applying and Integrating ERM. On December 17th and 18th, she will host Captives as an Alternate Risk Financing Technique. [2:14] Other dates for the Fall and Winter are available on the Virtual Workshops calendar, RIMS.org/virtualworkshops. [2:23] Interview! Returning to the show are Trisha Sqrow, of Marsh Advisory, and our Council Vice-Chair 2024, Suzanne Christensen, of Franklin Templeton Investments, and making his debut on RIMScast is Karthick Dalawai, of Penn Mutual Life Insurance Company. [3:00] These brilliant minds, Trisha, Suzanne, and Karthick, will present the session “Risk Quantification Through Value-Based Frameworks” to kick off Day 2 of the RIMS ERM Conference 2024 on November 19th. [3:15] Today we'll get tips on how to launch a value-based framework, what the benefits and limitations may be, and how to convince your board to buy in. Karthick Dalawai, Trisha Sqrow, and Suzanne Christensen welcome to RIMScast! [4:54] Karthick explains that Enterprise Risk Management in its current form and where it goes from here to enable leaders to make informed decisions tie back to metrics and the quantification of results. [5:22] Doing risk management thematically is good and influential, but anything you don't quantify you can't improve. Risk quantification is essential for a good enterprise risk management program. [5:49] Trisha's risk management path has evolved toward a value-based framework. She suggests an organization could start by measuring its overarching risk appetite, understanding its risks, and putting its ERM framework in place. [6:22] The parameters could be how much financial, regulatory, or strategic risk you want to take. Hone in on what the risk translates to by quantifying the value. [7:03] The metrics may not always be dollar amounts. There may be safety value metrics, or cyber security impacts. There is a way to tie those back to financials in many cases, but you can look at different values. [7:51] Karthick says it's easier to quantify financial risk than intangibles like cyber risk or talent risk. Having a common denominator makes it possible to explain risk so IT, HR, and all departments understand the enterprise risk, not just the risk in their slivers of the organization. [8:58] Defining risk under a value-based framework takes three keys: uncertainty, deviation from the company strategy, and taking the right opportunities to increase value. If you planned to grow 10% and you grew 15%, analyze that opportunity. What was the cost of that benefit? [10:20] Suzanne adds that scenario analysis helps. Why did your growth vary from your planned growth? What do you have to have in place to manage it? With a 15% growth, you'll need more resources and a plan for the logistics. You may need to make a lot of other arrangements. [11:06] You need to think about those things in contingency mode. Scenario analysis does that; it helps you work through those plans. [11:30] Karthick describes the possible limitations of a value-based framework. The common denominator is a financial metric. Executives need to understand what factors contribute to that value. Tying the risk appetite to the value occurs high in the organization. It's all-encompassing. [12:07] You have to break the framework into layers by what it means for the different business units and how they measure business. Rightly implemented, a value-based framework is of great value; otherwise, people might become disconnected from it. [12:37] Suzanne agrees that people might not buy in if the framework is not well-implemented. Suzanne and Karthick discuss avoiding bias and starting with wrong assumptions. [13:02] Karthick believes that gets into the risk culture of the organization. Is it conservative or more aggressive? When you have a quantifiable and measurable risk appetite, some people may tend not to breach it at all. Many times, risk decisions need not be risk-optimized. [13:48] Having a measurable risk metric guides how much risk people can take to add value to the organization, not just to manage the downside. Tie it back to the business metrics through which leaders measure their performance. Having a good manager is a win-win. [14:16] Suzanne adds that weighing the cumulative impact of multiple decisions while figuring out a strategy for the organization helps you think about the risk appetite of the firm and if there is room to take more risk. [14:53] Trisha considers the risk culture of the organization in helping people understand value-based frameworks. There are a lot of conversations to be had with various departments. A financial office does not have the same risks as a manufacturing facility or an airport. [15:28] Work with the people looking at safety metrics and help translate them into dollar amounts, considering insurance and claims. What value does the framework add? [15:45] Help people understand the value-based framework and have conversations around it. How much risk can you take? [16:19] Plug Time! RIMS Webinars! On October 31st, TÜV SÜD GRC discusses “Mastering Property Renewals: Strategies for Success in 2025 with Risk Engineering”. [16:34] On November 4th, I will be hosting a special RIMS Webinar presentation, “Lessons from Veterans on Strategic Risk Leadership”. That session will feature insights and perspectives from risk managers who previously served in the United States Armed Services. [16:53] On November 14th, Marsh will present “Risk Perception and Management: Insights for a Changing Landscape”. [17:00] On November 21st, HUB International returns with the fourth installment of their Ready for Tomorrow series,  “From AI to the SEC: The Future of D&O Litigation and Regulatory Exposures”. [17:15] On November 25th, Resolver returns to discuss “The Future of Risk & Compliance: 5 Key Insights for the Modern Leader”. [17:23] On Thursday, December 12th, OneTrust returns to deliver “Staying Vigilant: 7 Practical Tips for Ongoing Third-Party Risk Monitoring” [17:32] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [17:44] Back to My Interview with Suzanne Christensen, Trisha Sqrow, and Karthick Dalawai. [18:22] Karthick says to ask the executives at your organization if they use the deliverables from ERM in their day-to-day decision-making and how they tie into the metrics. If you get a positive answer, you're in a good spot. If not, a value-based framework is a good solution. [19:00] Every executive business leader manages P&L and understands dollarized values. Value-based frameworks are good tools if they are implemented in the right way. [19:21] Trisha says to consider your impact scoring. That's the beginning of your risk appetite. Work toward getting a common denominator. [19:40] Suzanne comments that to make better, more confident decisions in the organization, and get the executives engaged in the conversation, you want to understand what their tough decisions and challenges are. [20:03] In what would the executives like more transparency and understanding to make their tough strategic or day-to-day decisions? Connect with them where their challenges are as a starting point. That immediately proves value to the organization. [20:41] Trisha and Suzanne have publications discussed in episodes linked in the show notes. Suzanne authored a report on emerging risks and board reporting, “Navigating the Complexities of Emerging Risks”. Trisha co-authored “Developing and Refining Risk Appetite and Tolerance”. [21:21] Suzanne and Karthick will be two of the panelists in the closing general session of the RIMS ERM Conference 2024 on November 19th. That's going to be a forward-looking discussion that will be a lot of fun. [21:57] During that closing session, we're going to give away a registration to RISKWORLD 2025 in Chicago! Everyone should stick around for this session! [22:16] Thank you all so much for joining us today here on RIMScast! [22:25] Special thanks to Trisha Sqrow, Karthick Dalawai, and Suzanne Christensen of the RIMS Strategic and Enterprise Risk Management Council. [22:36] On November 19th, they will kick off Day 2 of the RIMS ERM Conference 2024 in Boston, with a session about Risk Quantification through a Value-based Framework. That will not be the only session they will present, so if you like what you heard, register now at RIMS.org/ERM2024. [22:59] Links to the guests' prior RIMScast interviews and their respective reports are in this episode's show notes. [23:12] More RIMS Plugs! The RIMS ERM Conference 2024 will be held in Boston, Massachusetts on November 18th and 19th. Register today at RIMS.org/ERM2024! [23:27] The RIMS App is available to RIMS members exclusively. Go to the App Store and download the RIMS App with all sorts of RIMS resources and coverage. It's different from the RIMS Events App. Everyone loves the RIMS App! [23:58 ] You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [24:40] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [24:57] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [25:12] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [25:26] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [25:33] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS ERM Conference 2024 will be in Boston, MA Nov. 18–19 | Register Now RIMS DEI Council RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS Strategic & Enterprise Risk Center NEW FOR MEMBERS! RIMS Mobile App RIMS Executive Report: “Developing and Refining Risk Appetite and Tolerance” RIMS Professional Report: “Navigating the Complexities of Emerging Risks” RIMS-CRMP Stories — New interview featuring Dan Elliott! Submit Your Nomination for 2025 Risk Manager of the Year — Part I is due on Oct. 31! RIMS Webinars: “Mastering Property Renewals: Strategies for Success in 2025 with Risk Engineering” | Sponsored by Global Risk Consultants, a TÜV SÜD Company | Oct. 31, 2024 “Lessons from Veterans on Strategic Risk Leadership” | Presented by RIMS | Nov. 4, 2024 “Risk Perception and Management: Insights for a Changing Landscape” | Sponsored by Marsh | Nov. 14, 2024 “From AI to the SEC: The Future of D&O Litigation and Regulatory Exposures” | Sponsored by HUB International | Nov. 21, 2024 “The Future of Risk & Compliance: 5 Key Insights for the Modern Leader” | Sponsored by Resolver | Nov. 25, 2024 “Staying Vigilant: 7 Practical Tips for Ongoing Third-Party Risk Monitoring” | Sponsored by OneTrust | Dec. 12, 2024 RIMS.org/Webinars   Upcoming Virtual Workshops: RIMS-CRMP Exam Prep with PARIMA (Virtual) | November 14–15, 2024 | 9:00 am–4:00 pm SGT — Register by Nov. 7 “Applying and Integrating ERM” | Dec 4‒5 “Captives as an Alternate Risk Financing Technique” | Dec. 17–18 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “Big Shifts with John Hagel, ERM Conference Keynote” “Applying ERM Theory with Elise Farnham” “Maintaining an Award-Winning ERM Program with Michael Zuraw” “On Risk Appetite and Tolerance” with Trisha Sqrow “Emerging Risks and Board Reporting” with Suzanne Christensen   Sponsored RIMScast Episodes: “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant (New!) “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response “Cyberrisk Outlook 2023” | Sponsored by Alliant “Chemical Industry: How To Succeed Amid Emerging Risks and a Challenging Market” | Sponsored by TÜV SÜD “Insuring the Future of the Environment” | Sponsored by AXA XL “Insights into the Gig Economy and its Contractors” | Sponsored by Zurich “The Importance of Disaster Planning Relationships” | Sponsored by ServiceMaster   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy   RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guests: Karthick Dalawai, Chief Risk Officer for Penn Mutual Life Insurance Company   Trisha Sqrow, Vice President, Consulting Solutions, Marsh Advisory for Marsh USA Inc.   Suzanne Christensen, SVP, Head of Enterprise Risk Management for Franklin Templeton Investments Social Shareables (Edited For Social Media Use): Why Enterprise Risk Management exists in its current form and where it goes from here tie back to metrics and the quantification of results to enable leaders to make informed decisions. — Karthick Dalawai   Depending on your organization, you might be looking at different values and different types of metrics. Some might be strictly financial. An industry that has significant safety concerns might have a lot of safety value metrics, based on the type of risk. — Trisha Sqrow   Scenario analysis helps because you can run through those situations to say if that happens, then what happens? What do we have to have in place to be able to manage through that? With a 15% growth, you'll need more resources and a plan for the logistics. — Suzanne Christensen  

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Chris Willey of American Eagle FCU. Justin asks Chris how banking and financial risk management has evolved since Chris entered the profession, in the past 15 years after the housing crisis, and in the past two years after the SVB collapse. They talk about Chris's 2023 RIMS ERM Global Award of Distinction, how leadership has reacted to the ERM program, and how the program has changed since last year. Chris explains American Eagle FCU's ERM philosophy, including its nine risk categories. Chris shares her thoughts about what it takes to activate an effective ERM Program today, and how ERM can help improve the banking sector and the risk industry overall. October is Cybersecurity Awareness Month. Chris tells what that means to her.   Key Takeaways: [:01] About RIMS. [:15] About this episode. From RIMS headquarters in New York, our guest is Chris Willey, the VP of ERM at American Eagle Financial Credit Union. She is also a recipient of the 2023 RIMS ERM Global Award of Distinction. [:43] The RIMS ERM Conference 2024 will be held on November 18th and 19th in Boston. Opening keynote speaker John Hagel recently appeared here on RIMScast. Register at RIMS.org/ERM2024. [:58] We will talk about everything from RMIS and AI to D&O, ESG, the SEC, and various other acronyms, in addition to future casting and risk quantification. [1:10] RIMS-CRMP holders can earn recertification points by attending the RIMS ERM Conference 2024! For those interested in studying for the exam, a pre-conference workshop will be held on-site on November 16th and 17th. Register now; a link is on this page! [1:34] The next RIMS-CRMP Exam Prep will be held with Purima virtually on November 14th and 15th. The next RIMS-CRMP-FED Exam Course will be hosted along with George Mason University from December 3rd through the 5th. [1:50] Links to these courses can be found on the Certifications page of RIMS.org and through this episode's show notes. [1:57] RIMS Virtual Workshops! Elise Farnham of Illumine Consulting recently joined us here on RIMScast. On December 4th and 5th, she will host Applying and Integrating ERM. On December 17th and 18th, she will host Captives as an Alternate Risk Financing Technique. [2:20] Other dates for the Fall and Winter are available on the Virtual Workshops calendar, RIMS.org/virtualworkshops. [2:28] Interview! My guest today, Chris Willey, is the Vice President of Enterprise Risk Management at American Eagle Financial Credit Union. In 2023, her ERM program received a RIMS ERM Global Award of Distinction. We didn't get to connect last year to discuss it. [2:49] We're here now, and we will learn all about Chris Willey's ERM philosophies, how American Eagle FCU handles certain risks, and what their risk register looks like. We will also get some tips for staying cyber secure, as October is International Cybersecurity Awareness Month. [3:06] Chris Willey, welcome to RIMScast! Congratulations again for your ERM program being one of the honorees of the 2023 RIMS ERM Global Award of Distinction! [3:51] Chris started at the credit union 34 years ago in Internal Audits where she got to see and understand the entire organization. In 1998, the board of directors started a risk management department. Chris applied and got the job. [4:25] At first, they worked on traditional risk management, including insurance and fraud. Over the years, they added responsibilities. ERM was the last piece they added to their risk management repertoire, 14 years ago. [4:56] Around the time of the housing crisis, one of the credit union's high-risk areas, the board asked Chris to create an ERM program. Credit union regulators were also instrumental in starting ERM. While not required, having an ERM program is necessary to understand your risks. [6:26] Chris has one staff member, Theresa, the Assistant Vice President, who helps with all facets of risk management. Chris and Theresa do a lot. Chris says it would be nice to have another person helping them. [7:28] After the Silicon Valley Bank collapsed in March 2023, the interest rate risk and liquidity risk got a lot of attention. American Eagle FCU was on top of it. Their interest rate risk was increasing and the ERM program had already begun taking measures to thwart risk. [8:10] American Eagle had scaled back some of their lending and beefed up their liquidity because of what happened on the West Coast. That helped put them in a great spot. [8:44] The regulators had come down hard on them and American Eagle did a lot of things to prove that they were going to be OK. The regulators are the insurers so wanted to make sure American Eagle had enough liquidity in case something happened like that at the credit union. [9:04] It was a lot of work. The CFO and others in the organization put in additional monitoring tools. That's what the ERM program does. It says, “Hey, we've got a potential issue or higher risk.” It's a call to action to ask, "What are we going to do differently to mitigate the risk?" [9:37] American Eagle's interest rate risk is still trending a little bit higher but it's under control and being monitored. The regulators gave them a great pass last year and are working on this year's audit. [10:12] When the American Eagle FCU ERM program was awarded the 2023 RIMS ERM Award of Distinction, regulators were thrilled. The board of directors was very happy to hear of it at a board meeting. The Risk Council Team was also thrilled and felt they were on the right track. [11:11] The award came at a good time for the ERM program. Since then, American Eagle has had a few new executive leaders. The ERM program team is educating the risk council on what ERM is and the nine risk categories, definitions, KRIs, and what they should keep or change. [12:43] American Eagle is getting to the point of putting new KRIs in place to see where they land with the risk ratings. They are asking if their risk tolerance or appetite should be increased. American Eagle FCU has been risk-averse. You can take calculated risks with an ERM program. [13:41] If the risk gets to be above your expectations, you can try to reel it back to a more manageable level. [14:04] American Eagle FCU is growing in its assets and also in its team members. The ERM program is adding a People Risk category to help create a culture that's engaging. The board of directors is excited to see what that will look like. [14:39] Plug Time! RIMS Webinars! On October 24th, Hub International returns for the fourth installment of their Ready for Tomorrow series, “From AI to the SEC: The Future of D&O Litigation and Regulatory Exposures”. [14:56] On October 31st, TÜV SÜD GRC discusses “Mastering Property Renewals: Strategies for Success in 2025 with Risk Engineering”. On November 4th, I will be hosting a special RIMS Webinar presentation, “Lessons from Veterans on Strategic Risk Leadership”. [15:17] On November 14th, Marsh will present “Risk Perception and Management: Insights for a Changing Landscape”. On Thursday, December 12th, OneTrust returns to deliver “Staying Vigilant: 7 Practical Tips for Ongoing Third-Party Risk Monitoring” [15:43] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [15:55] There is another webinar you should know about. On October 22, 2024 at 1:00 p.m. ET. I will be moderating for my friends at ex judicata “If I Leave the Law — A Webcast Series: Landing a Nonlegal Job in Insurance Industry: Risk Management, Brokerage, Claims, & Advisory”. [16:20] Other panelists include leaders from Lockton, Berkshire Hathaway Specialty Insurance, and our friend from the RIMS Public Policy Committee and the RIMS Detroit Chapter, Lynn Haley Pilarski, who works at GM. The link is in this episode's show notes. [16:41] This is a complimentary webinar and it is a chance for you to invite your friends who are in the legal profession, looking to transition to another role, to check out risk management and see what it's all about. The link is in this episode's notes. [16:58] Back to My Interview with Chris Willey of American Eagle FCU! The nine risk categories of American Eagle's ERM program are credit risk, interest rate risk, liquidity risk, transaction risk, compliance risk, concentration risk, strategic risk, reputation risk, and cyber risk. [17:44] American Eagle FCU started with the seven NCUA risks, and as cybercrime became prevalent, they added a category for cyber risk. When NCUA sent a letter on concentration risk, American Eagle FCU added a category for concentration risk. The people risk is upcoming. [18:32] Now all risks are counted equally, but they may start looking at weighted averages. That is still TBD. [19:25] American Eagle FCU has from 335 to 350 team members. The credit union is state-charted in Connecticut. They have members in Massachusetts but no branches in that state. They have no plans to charter in other states. [20:35] American Eagle FCU is trying to manage everything with a balanced approach, taking on more risk than before, and moving toward the center of the risk spectrum. The initiatives of their strategic plan involve a certain amount of risk and it will be OK. [21:34] To start an ERM program from scratch in 2024 you need executive buy-in. The tone from the top is important. American Eagle FCU started at the management level and once it was running well, they brought the board of directors into it. [22:01] Chris explains how strategic initiatives, projects, budgets, finances, and reputation were KRI measures that were reported to the board twice a year. [22:52] Two of the three 2023 honorees of distinction, American Eagle FCU and Sterling Bank and Trust, are in the banking sector, which speaks to what ERM can do for banking. [23:21] With interest rates as they are, it's a good idea for a bank to have an ERM program to help navigate these times, whether interest rates are going up or down. Risk management is very basic to every financial institution, whether or not it is ERM. [24:36] Justin remembers that there was no risk manager at Silicon Valley Bank. RIMS believes that every organization, regardless of its size, should have a dedicated risk professional. Chris thought at the time there were going to be a lot of risk management positions opening up. [25:36] It is prudent to have a risk professional. They bring insight to your thinking that you may never have considered. The American Eagle FCU ERM program uses Key Risk Indicators. You want leading KRIs to pinpoint problems that are up and coming. Look forward, not back. [26:29] ERM can help the risk profession greatly. In the cyber area, everyone has data they need to protect. If you have an ERM program looking at some of the risks in the cyber area, you might be able to create a better environment and protect against all the threats out there. [27:08] Threats are not going to stop. They will continue to get worse. American Eagle ERM makes decisions based on its ERM program. They do business-level risk assessments to help business owners understand how to stay within their risk tolerance level. [27:51] ERM is language and knowledge from which every organization can benefit. [27:57] October is Cybersecurity Awareness Month. American Eagle FCU has participated in Cybersecurity Awareness Month for over a decade to educate team members on all kinds of cybersecurity issues and threats. [28:38] This year, the theme is Willy Wonka, with cyber security videos and activities for interactive learning. They issue their security training for the year for all team members. They also educate members with tips on social media, their newsletter, and their website. [29:45] American Eagle FCU is holding a fraud symposium for members. October at American Eagle FCU is a fun time. The CFO dresses as WIlly Wonka and the ERM team members are Oompa Loompas. They do short videos throughout the month about what's coming up. [31:41] Chris, it is wonderful to see you. I appreciate all your time and your wonderful insight. It speaks to the banking sector and the broader risk community. There's a lot that our listeners can learn from this episode. Congratulations again on the 2023 RIMS ERM Award of Distinction! [32:09] Special thanks again to Chris Willey of American Eagle FCU for joining us here on RIMScast! Check out the episode's show notes for more resources about cybersecurity and the 10 risks we discussed during the interview.  [32:24] More RIMS Plugs! The RIMS ERM Conference 2024 will be held in Boston, Massachusetts on November 18th and 19th. Register today at RIMS.org/ERM2024! [32:40] The RIMS App is available to RIMS members exclusively. Go to the App Store and download the RIMS App with all sorts of RIMS resources and coverage. It's different from the RIMS Events App. Everyone loves the RIMS App! [33:13] You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [33:58] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [34:15] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [34:32] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [34:46] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [34:54] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS ERM Conference 2024 will be in Boston, MA Nov. 18‒19 | Register Now RIMS DEI Council RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS Strategic & Enterprise Risk Center NEW FOR MEMBERS! RIMS Mobile App The Strategic and Enterprise Risk Center RIMS-CRMP Stories — New interview featuring Dan Elliott!  Submit Your Nomination for 2025 Risk Manager of the Year — Part I is due on Oct. 31! International Cybersecurity Awareness Month RIMS Webinars: “If I Leave the Law — A Webcast Series: Landing a Nonlegal Job in Insurance Industry: Risk Management, Brokerage, Claims, & Advisory” | Presented by ex judicata | Oct. 22, 2024 “From AI to the SEC: The Future of D&O Litigation and Regulatory Exposures” | Sponsored by Hub International | Oct. 24, 2024 “Mastering Property Renewals: Strategies for Success in 2025 with Risk Engineering” | Sponsored by Global Risk Consultants, a TÜV SÜD Company | Oct. 31, 2024 “Lessons from Veterans on Strategic Risk Leadership” | Presented by RIMS | Nov. 4, 2024 “Risk Perception and Management: Insights for a Changing Landscape” | Sponsored by Marsh | Nov. 14, 2024 “Staying Vigilant: 7 Practical Tips for Ongoing Third-Party Risk Monitoring” | Sponsored by OneTrust | Dec. 12, 2024 RIMS.org/Webinars   Upcoming Virtual Workshops: RIMS-CRMP Exam Prep with PARIMA (Virtual) November 14‒15, 2024 | 9:00 am‒4:00 pm SGT — Register by Nov. 7. Applying and Integrating ERM | Dec 4‒5 Captives as an Alternate Risk Financing Technique | Dec. 17‒18 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “Big Shifts with John Hagel, ERM Conference Keynote” “Applying ERM Theory with Elise Farnham” “Maintaining an Award-Winning ERM Program with Michael Zuraw”   Sponsored RIMScast Episodes: “RMIS Innovation with Archer” | Sponsored by Archer (New!) “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich (New!) “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response “Cyberrisk Outlook 2023” | Sponsored by Alliant “Chemical Industry: How To Succeed Amid Emerging Risks and a Challenging Market” | Sponsored by TÜV SÜD “Insuring the Future of the Environment” | Sponsored by AXA XL “Insights into the Gig Economy and its Contractors” | Sponsored by Zurich “The Importance of Disaster Planning Relationships” | Sponsored by ServiceMaster   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy   RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Chris Willey, VP of Enterprise Risk Management at American Eagle Financial Credit Union The American Eagle FCU ERM top risk categories: Credit Risk Interest Rate Risk Liquidity Risk Transaction Risk Compliance Risk Concentration Risk Strategic Risk Reputation Risk Cyber Risk Coming soon: People Risk Social Shareables (Edited For Social Media Use): Our CFO and others in our organization put in additional monitoring tools. That's what the ERM Program does. It says, “Hey, we've got a potential issue or higher risk.” It's a call to action to ask, "What are we going to do differently to mitigate the risk?" — Chris Willey   It's hard to benchmark one ERM Program to the next. It's different, based on your risk tolerances and the way you run your business. — Chris Willey   If we want to grow, give back to the community, and do all the initiatives we would like to with our strategic plan, we are going to have to take more risk, and it's going to be OK. — Chris Willey   Threats are not going to stop. They are going to continue and get worse. We make decisions based on our ERM program. We do business-level risk assessments and get the business owners involved so they understand what their tolerance levels are. — Chris Willey

Guest: Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario)On LinkedIn | https://www.linkedin.com/in/kush-sharma-9bb875a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin___________________________Episode NotesIn the third and final installment of the series titled "Building a CISO Office: Mastering Enterprise Risk Management and Aligning Cybersecurity with Business Goals," Sean Martin continues his compelling conversation with Kush Sharma. This episode focuses on the critical aspects of team dynamics, project management, and stakeholder engagement in the realm of cybersecurity.Kush Sharma elaborates on the importance of establishing a well-structured and communicated vision for security operations within an organization. He emphasizes the necessity of setting expectations with security teams before any major project initiation. According to Sharma, transparency is vital. Security leaders must candidly discuss with their teams that not every decision will tip in their favor, but their role is to advocate for security while being adaptable to business needs. He stresses the importance of documenting and following up on risk mitigation measures even if they aren't implemented immediately.Sharma also sheds light on the concept of integrating business and security functions more seamlessly. He proposes not just embedding security into business but also bringing business personnel into the security fold. By having business unit members work within security teams temporarily, organizations can build a robust line of communication and mutual understanding. This cross-functional approach creates internal champions for security measures and helps significantly cut costs as internal personnel generally have lower operational costs compared to external consultants.A significant portion of the episode revolves around the nuanced engagement with different stakeholders, particularly at the executive level. Sharma advises CISOs to view themselves as peers to other C-suite executives, prepared to defend their positions and decisions vigorously. It's crucial for CISOs to maintain this executive-level mindset and openly communicate the broader business implications of security decisions. Sharma highlights that making a business case for security and showing tangible returns on investment can secure better funding and support from the executive team, leading to more substantial investments in long-term security measures.Sean Martin wraps up the episode by touching on the importance of storytelling in cybersecurity. By translating technical achievements and risk mitigation efforts into relatable stories, CISOs can effectively communicate the value of their work across the organization. These narratives help ensure security remains a priority in business strategies and operations, fostering an environment where security considerations are integral to planning and executing new initiatives.In conclusion, the episode provides essential insights for current and aspiring CISOs on navigating the complexities of internal communications, leadership, and strategic planning in cybersecurity. Both Kush Sharma and Sean Martin offer practical advice and strategies that can help elevate the role of security within any organization, thereby protecting its infrastructure and supporting its growth objectives.___________________________SponsorsImperva: https://itspm.ag/imperva277117988LevelBlue: https://itspm.ag/attcybersecurity-3jdk3___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Guest: Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario)On LinkedIn | https://www.linkedin.com/in/kush-sharma-9bb875a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin___________________________Episode NotesIn the third and final installment of the series titled "Building a CISO Office: Mastering Enterprise Risk Management and Aligning Cybersecurity with Business Goals," Sean Martin continues his compelling conversation with Kush Sharma. This episode focuses on the critical aspects of team dynamics, project management, and stakeholder engagement in the realm of cybersecurity.Kush Sharma elaborates on the importance of establishing a well-structured and communicated vision for security operations within an organization. He emphasizes the necessity of setting expectations with security teams before any major project initiation. According to Sharma, transparency is vital. Security leaders must candidly discuss with their teams that not every decision will tip in their favor, but their role is to advocate for security while being adaptable to business needs. He stresses the importance of documenting and following up on risk mitigation measures even if they aren't implemented immediately.Sharma also sheds light on the concept of integrating business and security functions more seamlessly. He proposes not just embedding security into business but also bringing business personnel into the security fold. By having business unit members work within security teams temporarily, organizations can build a robust line of communication and mutual understanding. This cross-functional approach creates internal champions for security measures and helps significantly cut costs as internal personnel generally have lower operational costs compared to external consultants.A significant portion of the episode revolves around the nuanced engagement with different stakeholders, particularly at the executive level. Sharma advises CISOs to view themselves as peers to other C-suite executives, prepared to defend their positions and decisions vigorously. It's crucial for CISOs to maintain this executive-level mindset and openly communicate the broader business implications of security decisions. Sharma highlights that making a business case for security and showing tangible returns on investment can secure better funding and support from the executive team, leading to more substantial investments in long-term security measures.Sean Martin wraps up the episode by touching on the importance of storytelling in cybersecurity. By translating technical achievements and risk mitigation efforts into relatable stories, CISOs can effectively communicate the value of their work across the organization. These narratives help ensure security remains a priority in business strategies and operations, fostering an environment where security considerations are integral to planning and executing new initiatives.In conclusion, the episode provides essential insights for current and aspiring CISOs on navigating the complexities of internal communications, leadership, and strategic planning in cybersecurity. Both Kush Sharma and Sean Martin offer practical advice and strategies that can help elevate the role of security within any organization, thereby protecting its infrastructure and supporting its growth objectives.___________________________SponsorsImperva: https://itspm.ag/imperva277117988LevelBlue: https://itspm.ag/attcybersecurity-3jdk3___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Are you concerned about the risks posed by AI in your like of work?Do you know how to make the most of AI for better risk management?Listen to this Disruption Talk with a special guest, Ido Lustig, ex–Chief Risk Officer at checkout.com.Ido has an impressive track record:- He launched a fraud detection tool that exceeded all targets.- He established a comprehensive Enterprise Risk Management framework.- He reduced buyer fraud by 20% through innovative risk analytics.On this episode together with Radek Zaleski, Senior Partner at Netguru talked about:- AI vs Risk Spotting: How AI is revolutionizing risk detection- Digital Channels & Increased Fraud: Tackling new fraud challenges- Replacing Jobs? The impact of AI on employment- Who Watches the Watchmen? Ensuring AI accountability

In this episode of the Risk Intel podcast, host Ed Vincent, invites Niki White, Chief Growth Officer at SRA Watchtower, back to the show to discuss the critical differences between enterprise risk management (ERM) and the audit functions within a financial institution. The discussion centers on the three lines of defense model, a widely recognized framework in risk management. Here's a breakdown of how ERM and audit functions differ across each line of defense and technology's role in enhancing these functions. Follow us to stay in the know!

In this episode, host Mike Richards talks to James Kelly, about his career as a treasury leader and his passion for AI and technology.James Kelly s the SVP Treasury and Enterprise Risk Management at Pearson, a FTSE 100 learning company. During his time at Pearson, James's team have established a reputation as being leading innovators in treasury, winning the 2023 TMI award for best AI deployment, best emerging technology solution at the 2024 Adam Smith awards and winning in the bonds under £500m at the ACT's 2021 deal of the year awards for Pearson's debut social bond issuance. The team has established a comprehensive in-house bank structure employing high levels of automation to drive efficiency. Pearson also uses Cashforce, a leading AI enabled cash forecasting solution to produce central cash forecasts on behalf of operating companies, which they then critique and optimise.The episode begins with James discussing his early career in finance and how he transitioned into treasury at Kingfisher PLC. He then talks about his experience at Sky and Rentokil, where he gained front office and M&A experience. James shares his journey to Pearson, where he faced the challenge of transforming the company amidst changing market conditions. He also discusses his passion for AI and automation in treasury processes. What to Expect:James shares his early career experiences and how he entered the treasury field.He discusses his roles at Kingfisher, Sky, and Rentokil, highlighting key learnings and experiences.James talks about the challenges and opportunities he faced at Pearson and the importance of transformation. He shares his passion for AI and automation in treasury processes and how it can benefit treasurers.James provides practical advice for treasury professionals starting their careers and those looking to progress.You can connect with James Kelly on LinkedIn. Are you interested in pursuing a career within Treasury?Whether you've recently graduated, or you want to search for new job opportunities to help develop your treasury career, The Treasury Recruitment Company can help you in your search for the perfect job. Find out more here. Or, send us your CV and let us help you in your next career move!If you're enjoying the show please rate and review us on whatever podcast app you listen to us on, for Apple Podcasts click here!To subscribe to the Treasury Career Corner podcast via:Apple

Join me as I with with leading resilience and risk expert, Terry Lee. During today's discussion we touch on 3 key important topics: Operational Resilience, Vendor Risk Management, and Enterprise Risk Management. 1. Operational Risk ( Defining OpR, Leadership confidence, Risk as an opportunity, Who 'owns' OpR, Where OpR resides in an organization...and more!) 2. Vendor Risk Mgmt. (The difference between supply chain mgmt. and vendor risk mgmt., Regulatory standards, Vendor assessments, NDAs and obtaining necessary information, Testing with vendors...and more!) 3. Enterprise Risk Mgmt. (BCM and ERM, Changing Cultures, risk registry, Risk in motion, Model risks...and more!) Terry shares a wealth of great information and insights that all business leaders and contingency/resilience professionals can benefit from. Don't miss what Terry has to share. Enjoy!

TalkLP Host Amber Bradley fangirled out for her love of all things Vegas before diving into the world of Risk Management with Resorts World's Executive Director of Risk Management, Mark Habersack. Mark and Amber discuss his 40-year career in the industry and the strategies he used to find success. They also talk tech utilization and the buzzword of the moment, Enterprise Risk Management. Plus the best career advice he ever received AND a little advice of his own! Connect with Mark here!

Guest: Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario)On LinkedIn | https://www.linkedin.com/in/kush-sharma-9bb875a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin___________________________Episode NotesIn this part two of the three-part series on The Redefining CyberSecurity Podcast, host Sean Martin is joined by Kush Sharma to discuss the critical topic of building a Chief Information Security Officer (CISO) office from the ground up. Both speakers bring invaluable insights from their extensive experiences, illustrating key points and real-world scenarios to help organizations navigate the complexities of cybersecurity and business transformation.Sean kicks off the conversation by emphasizing the strategic role of the CISO in business transformation. He explains that a successful CISO not only secures what the business wants to create but also contributes to developing a powerful and secure business. He points out that CISOs often have a unique perspective, experience, and data that can significantly impact the way business processes are transformed and managed.Kush expands on this by highlighting the need for adaptability and a mindset of continuous change. He shares that CISOs should view their organization as a business function solely dedicated to protecting assets. He uses examples to demonstrate how missions change every few years due to the rapid evolution of technology and processes, making it essential for security teams to pivot and adjust their strategies accordingly.Kush stresses the importance of collaboration across different teams—from digital to physical—and notes that a key to successful security management is building a culture that is adaptable and aligned with the business's changing objectives. One of the most interesting points brought up is the significance of involving security from the outset of any new project.Sean and Kush discuss the importance of integrating the CISO into discussions around business requirements, system architecture, and technology selection. By being involved early, CISOs can help ensure that the organization makes informed decisions that can save time, reduce risks, and ultimately contribute to a more secure business environment.Another critical aspect discussed is the approach to risk management. Kush describes a structured method where security teams provide options and recommendations rather than outright saying 'no' to business requests. He mentions the use of risk acceptance forms, which require high-level sign-offs, thus ensuring that decision-makers are fully aware of the risks involved and are accountable for them. This transparency fosters a sense of shared responsibility and encourages more informed decision-making.Both Sean and Kush provide a comprehensive look at the evolving role of the CISO. They make it clear that today's CISOs need to be strategic thinkers, skilled negotiators, and effective communicators to successfully lead their organizations through the complexities of modern cybersecurity challenges. The insights shared in this episode are invaluable for anyone looking to understand the multifaceted responsibilities of a CISO and the indispensable contributions they make to business success.___________________________SponsorsImperva: https://itspm.ag/imperva277117988LevelBlue: https://itspm.ag/attcybersecurity-3jdk3___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Guest: Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario)On LinkedIn | https://www.linkedin.com/in/kush-sharma-9bb875a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin___________________________Episode NotesIn this part two of the three-part series on The Redefining CyberSecurity Podcast, host Sean Martin is joined by Kush Sharma to discuss the critical topic of building a Chief Information Security Officer (CISO) office from the ground up. Both speakers bring invaluable insights from their extensive experiences, illustrating key points and real-world scenarios to help organizations navigate the complexities of cybersecurity and business transformation.Sean kicks off the conversation by emphasizing the strategic role of the CISO in business transformation. He explains that a successful CISO not only secures what the business wants to create but also contributes to developing a powerful and secure business. He points out that CISOs often have a unique perspective, experience, and data that can significantly impact the way business processes are transformed and managed.Kush expands on this by highlighting the need for adaptability and a mindset of continuous change. He shares that CISOs should view their organization as a business function solely dedicated to protecting assets. He uses examples to demonstrate how missions change every few years due to the rapid evolution of technology and processes, making it essential for security teams to pivot and adjust their strategies accordingly.Kush stresses the importance of collaboration across different teams—from digital to physical—and notes that a key to successful security management is building a culture that is adaptable and aligned with the business's changing objectives. One of the most interesting points brought up is the significance of involving security from the outset of any new project.Sean and Kush discuss the importance of integrating the CISO into discussions around business requirements, system architecture, and technology selection. By being involved early, CISOs can help ensure that the organization makes informed decisions that can save time, reduce risks, and ultimately contribute to a more secure business environment.Another critical aspect discussed is the approach to risk management. Kush describes a structured method where security teams provide options and recommendations rather than outright saying 'no' to business requests. He mentions the use of risk acceptance forms, which require high-level sign-offs, thus ensuring that decision-makers are fully aware of the risks involved and are accountable for them. This transparency fosters a sense of shared responsibility and encourages more informed decision-making.Both Sean and Kush provide a comprehensive look at the evolving role of the CISO. They make it clear that today's CISOs need to be strategic thinkers, skilled negotiators, and effective communicators to successfully lead their organizations through the complexities of modern cybersecurity challenges. The insights shared in this episode are invaluable for anyone looking to understand the multifaceted responsibilities of a CISO and the indispensable contributions they make to business success.___________________________SponsorsImperva: https://itspm.ag/imperva277117988LevelBlue: https://itspm.ag/attcybersecurity-3jdk3___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   This episode of RIMScast is proudly sponsored by Hillwood. Hillwood is a leading multinational real estate development company and part of the Perot family of companies. For more information, visit Hillwood.com.   Justin Smulison interviews four guests today, SORM Executive Director, Stephen Volbrecht, SORM Division Chief of Strategic Programs, James Cox, SORM Chairman of the Board of Directors, Gerald Ladner, Sr., and DFW RIMS Chapter Board Member Penni Chambers. The discussion covers the various roles of Stephen, James, and Gerald in SORMS, the purpose and development of SORMS over the years, and how SORMS manages risks for all the state of TEXAS. They also speak of the upcoming RIMS DFW 2024 Fall Conference on September 19th at the Irving Convention Center in Irving Texas and what they will present there.   Listen in for ERM wisdom and a preview of the RIMS DFW 2024 Fall Conference. Key Takeaways: [:01] About our sponsor, Hillwood. [:13] About this episode of RIMScast, coming to you from RIMS Headquarters in New York. Our guests are from the Texas State Office of Risk Management. [:37] First, let's talk about RIMS Virtual Workshops. The full calendar of virtual workshops is at RIMS.org/VirtualWorkshops. August 15th kicks off the three-part series, Leveraging Data and Analytics for Continuous Risk Management. Other dates for the Fall and Winter are available on the Virtual Workshops full calendar at RIMS.org/VirtualWorkshops. [1:01] Let's talk about prep courses for the RIMS-CRMP. The next virtual offering will be on August 7th and 8th, a RIMS-CRMP Exam Prep along with Utah Valley University. [1:13] The next RIMS-CRMP-FED Exam Prep course will be hosted along with George Mason University on December 3rd through 5th, 2024. Links to these courses can be found on the Certification Page of RIMS.org and in this episode's show notes. [1:28] Registration opened for the RIMS Canada Conference 2024 which will be held from October 6th through the 9th in Vancouver. Visit RIMSCanadaConference.ca to register. All RIMS regional conference information can be found on the Events page at RIMS.org. [1:47] We would like to extend a big “Thank You” to today's sponsor, Hillwood. Hillwood is a leading multinational real estate development company and part of the Perot family of companies. Hillwood's diverse portfolio includes industrial, logistics, corporate offices, retail, aviation, and multi-family housing developments. [2:05] Notably, Hillwood's Alliance Texas project has generated over 66,000 jobs and a $120 billion economic impact. Hillwood operates in 65 markets across North America and Europe, constantly seeking opportunities to create vibrant communities and deliver value to its partners. [2:23] Hillwood specializes in e-commerce industrial development, serving some of the world's largest retailer brands. Its residential communities division is dedicated to creating truly unique, master-plan communities. In 2023, Hillwood sold 2,141 homes in its communities and delivered nearly 1,500 lots to builders with more than 3,800 lots in the pipeline for 2025. [2:45] Hillwood is also leading the development team for Goldman Sachs's new facility in uptown Dallas. As a privately owned company, Hillwood prioritizes long-term sustainability: social, economic, and environmental. For more information, visit Hillwood.com. [3:05] Today we will be joined by leaders of the Texas State Office of Risk Management. They will participate in a panel discussion on September 19th at the DFW RIMS Annual Conference and Event. [3:18] They're a fabulous chapter and that event will be held at the Irving Convention Center in Irving, Texas. A link is in this episodes' show notes. Visit DWWRIMS.org for sponsorship opportunities and registration information. [3:31] Our guests today will discuss what it takes for the Texas State Office of Risk Management to function, how they prepared and reacted to Hurricane Beryl in July, and we'll talk ERM and how some of their military experiences have enabled them throughout their risk careers and at the Texas State Office of Risk Management (SORM). [3:55] SORM Executive Director, Stephen Volbrecht, Division Chief of Strategic Programs, James Cox, and Chairman of the Board of Directors, Gerald Ladner, Sr., welcome to RIMScast! [4:54] Stephen Volbrecht is the State Risk Manager for Texas and Executive Director of SORM. The office administers the Enterprise Risk Management Program, the Insurance Management Program, the self-insured Workers' Compensation Program, and the Continuity of Government Operations Program. Those are the four key missions of the Texas SORM. [5:58] Gerald Ladner, Sr. has been in the industry for 42 years and successfully navigated four hard markets. He has played roles with global and domestic U.S. insurance companies and is still engaged with the industry even though he's semi-retired. [6:29] Gerald has also served as a broker. He has insured prominent clients like the Coca-Cola Company, the City of Atlanta, Fulton County, and The Southern Companies. He quoted on the Boston Artery Tunnel Project, which capped the global reinsurance industry supply. Gerald's last assignment was as a Regional President at State Auto Insurance Company. [6:52] Gerald is involved today in independent board work, as well as serving his Alma Mater, and has served as Insurance Commissioner Appointee for the Texas Property and Casualty Guarantee Insurance Association, as well as the Texas Medical Liability Joint Underwriting Association. Gerald's turn as Chairman of the Board at SORM expires in 2027. [8:01] James Cox is the Division Chief of Strategic Programs at SORM. His job is to take the vision that Gerald has and the strategic view that Stephen has and make them applicable to the Texas state agencies. He does the daily work that supports their vision and mission. He has an insurance adjuster license, an agent license, a notary, and a risk manager license. [9:40] Stephen Volbrecht has been with SORM for more than 20 years in various roles. He joined in 2001, just before 9/11. The office was created in 1996 and went into operation in 1997. It was created to get workers' compensation costs under control for Texas state employees. [10:37] At that time, The Office of the Attorney General, Workers' Compensation Division, paid Workers' Compensation claims while the Department of Insurance, Division of Health and Safety, had the Texas Workers' Compensation Commission. The two agencies didn't communicate directly. [11:38] Texas combined the Attorney General's Workers' Compensation Division and the Department of Insurance's Workers' Compensation Commission and created the State Office of Risk Management. [11:49] Within two years, they had dropped Workers' Compensation costs by over $30 million, and not by denying claims or cutting corners. They paid claims more timely, stopped disputing claims, and prevented injuries from happening through risk management. [12:30] They continually put pressure on costs, even as medical inflation rises. Texas pays about $40 million a year for accidents and injuries. Because of success with Workers' Compensation, SORM now has three additional missions, the Enterprise Risk Management Program, the Insurance Management Program, and the Continuity of Government Operations Program. [13:42] SORM worked with the Federal government to design the Texas Continuity of Government Operations Program, helped the State Legislature adopt it, and then was tasked with implementing it. Gerald Ladner and James Cox use their industry knowledge to develop procedures and frameworks for the Insurance Management Program. [14:58] SORM is a fundamentally different agency than the office Stephen joined in 2001 because the scope of its mission set has expanded greatly over the 20-plus years. [15:32] SORM is a fairly large office compared to what other states might have. It's an office of specific subject matter experts over each of the domains it covers. It has a broad scope, including Enterprise Risk Management. [16:02] Gerald says SORM has a small board of five members responsible for strategic guidance, governance, innovation, leadership, risk management, stakeholder engagement, performance monitoring, and mentorship to the executive team. The board can decide quickly and anticipate the areas of risk they need to look at and how the organization will address them. [16:45] Justin takes a brief break and thanks Hillwood for sponsoring this episode. Hillwood operates in 65 markets across North America and Europe, constantly seeking opportunities to create vibrant communities and deliver value to partners. Visit Hillwood.com for more information and to seize those opportunities. [17:08] Justin also dives deeper into the RIMS DFW 2024 Fall Conference and Spa Event that will be held on September 19th and 20th in Irving Texas. Here to tell us a little bit more about it is an omnipresent force among DFW RIMS members; Penni Chambers, welcome back to RIMScast! [17:34] This episode is airing almost four years after Penni made her RIMScast debut. A lot has changed in four years! [18:20] Penni is Vice President of Risk Management at Hillwood. She is in charge of a team of two that maintains, procures, and does all things insurance for all of Hillwood and its enterprise companies, including land and cattle, oil and gas, and aviation. [18:52] Penni's role at RIMS has changed. She is serving the constituents of the RIMS chapters and members by being a proud board director. Penni is a lifelong member of DFW RIMS and a former president, serving a term in 2019. [19:30] Penni will moderate the kick-off session of the RIMS DFW 2024 Fall Conference on September 19th at the Irving Convention Center in Irving Texas. She will be moderating a panel with today's guests, from the Texas State Office of Risk Management, Stephen Volbracht, Gerald Ladner, and James Cox. There will be so much talent and knowledge on that panel! [20:09] Penni is so excited to moderate this panel. They will go through the who, what, when, where, and why for this panel. They will talk about governance and the legislative process, and how they manage and procure their liabilities and assets. Texas is huge. These gentlemen have a great responsibility. Penni is excited to get to interview them! [21:04] Besides this panel, attendees can also expect workshops, a risk managers' luncheon, and other speakers and presenters. On Friday, the 20th, they have a Spa Day. The Spa Day is one of the things that sets the DFW annual conference apart. Chill out a bit at the DFW RIMS Annual Conference. They go big on this deal! [22:04] Registration is open to members and non-members. Join the DFW RIMS for two days of fantastic events! Enticed? Go to DFWRIMS.org for more information and to register. [22:42] Penni says they are so excited to have everyone who is joining them for this event. This is going to be one of the best DFW RIMS Annual Conferences they have ever had! [22:52] Justin thanks Penni and looks forward to seeing her at the 2024 Fall Conference and Spa Event hosted by the DFW RIMS Chapter on September 19th and 20th! Visit DFWRIMS.org for more information. A link is in this episode's show notes. [23:10] Let's return to Justin's interview with the Texas State Office of Risk Management. [23:22] Gerald compares the challenges of his current position to those of the senior leadership roles he has held at insurance companies. It's an opportunity to educate and inform the public in terms of what they do to deal with the issues that emerge in a new area of risk. Gerald says that fortunately, he has been able to survive all the challenges of a very tough business. [24:02] The leadership at SORM focuses on retention, making sure that the team's service to the state is valued and that they have unique growth opportunities. SORM is essentially an insurance company with brokered services. [24:38] They have to make sure the products that are offered are current and forward-leaning, with the metrics in place for timely delivery of services for injured employees. Gerald speaks of how quickly SORM responded to the pandemic. [25:10] Stephen Volbrecht adds that it's important to understand that SORM is, at the foundation, a service organization. They exist to offer support to state agencies for their risk management concerns and objectives. SORM operates as a consultant, assessor, and advisor. SORM is not a regulatory agency, enforcement agency, or auditor. It's 100% about service. [27:13] Beryl was a Category 1 hurricane. James Cox says he joined SORM when Harvey was hitting the coast. That's where the preparedness started for Beryl. Before Beryl hit land, SORM was implementing the things they did post-Harvey. [28:05] Stephen speaks of resilience. You can't prevent an Act of God. He cites the 9/11 Commission. Their primary finding was that the most important failure was one of imagination. Leadership failed to appreciate the gravity of the threat. SORM has the approach never to underestimate what can happen. Uncertainty is at the basis of all risk. [29:41] Anticipate the worst-case scenario, prepare for that, and go from there. SORM ensures that every state entity under its jurisdiction has an updated and validated Continuity of Operations Plan. You can't prevent a disaster but you can mitigate it. There are lessons learned not just from Harvey but from the freeze events that hit Texas for three years running. [30:34] There are mitigation efforts that get put into place after we learn our lessons. Use after-action reports. What failed? Don't do that again. What succeeded? Do more of that! Texas put in dams to prevent inundation of water. They put in automated systems for dampers on air conditioning for the freeze events. [31:07] They went steps further in responding to situations based on risk management reviews and assessments to have product and service contracts and materials pre-staged for when these events happen so that you can bring up your services within hours, not weeks. That has a direct cost impact and an impact on the individuals that are being affected. [31:38] SORM has saved hundreds of millions of dollars in downtime and both direct and indirect expenses compared to where they found themselves as recently as Harvey. You can value the ROI in cost avoidance by comparing years without risk management controls and the years after risk management controls have been implemented. [32:56] James comments about Hurricane Beryl and after-action reports. An internet provider in the area went down, causing restaurants to only take cash. Agencies need the ability to switch from one carrier to another depending on if the carriers are operating. [34:04] Gerald says the board looks forward to the strategic plan that the executive director shares with them and they have the opportunity to acid-test it to make sure they are covering all the areas so they don't have a failure of the imagination. The board maintains the culture and listens to the employees. They invite employees to attend board meetings. They get a full house. [34:56] It shows the employees an alignment between the board and the leadership team. The board gives the executive performance review and the employees will hear areas of outstanding work and areas to focus on in the future. The board seeks to maintain that alignment. [35:32] It's RIMS plug time! Webinars! Servpro makes its RIMS Webinars debut on August 8th with Hurricane Preparedness in 2024: Innovations and Strategies to Protect Your Organization. On August 27th, Riskonnect returns to discuss How To Successfully Deploy AI in Risk Management. [35:57] On September 12th, Hub International returns to deliver the third part of their Ready for Tomorrow series, Pivot and Swerve Staying Agile During Shifting Market Dynamics.  More webinars will be announced soon and added to the RIMS.org/Webinars page. Go there to register. Webinar registration is complimentary for RIMS members! [36:20] We would like to express our thanks to Hillwood for sponsoring this episode of RIMScast. Hillwood is a leading multi-national real estate development company and part of the Perot family of companies. Their diverse portfolio includes industrial, logistics, corporate office, retail, aviation, and multi-family housing developments. [36:43] Hillwood operates in 65 markets across North America and Europe, constantly seeking opportunities to create vibrant communities and deliver value to partners. Seize those opportunities by visiting Hillwood.com. [36:59] Let's return to my interview with Gerald Ladner, Sr., Stephen Volbrecht, and James Cox of the Texas State Office of Risk Management. [37:28] James is a veteran of the U.S.A.F. Stephen is a Captain in the Judge Advocate General Corps. Justin thanks them for their service and asks how those experiences lend themselves to effective risk management. [38:02] James says no matter the specialization in the military, the military does very well operating in high- or higher-risk environments. They drill mission and safety in equal parts. The military mindset is understanding the chain of command, codes, and standards, and what you are basing your risk on. If you don't know the accepted way to do a thing, it is a risk nightmare. [38:49] James has found that using his military background, he knows where to look for how to treat a type of risk. That background transitions easily to risk management. [39:18] Gerald's father did three tours in Vietnam. His daughter went to West Point and was in Iraq. He understands the military mindset. It reflects the strengths we now find in the SORM organization with clear chains of command but also an environment where associates can come forward and bring their issues and opportunities. [40:18] Stephen and James are on the Technical Advisory Group (TAG) for ISO 31000. Stephen says the ISO 31000 framework and other ERM frameworks are essential for SORM. Risk management is about decision-making. The ISO model is that risk is always negative. What you are trying to do is avoid the bad things. [42:43] Stephen says the effect of uncertainty on objectives can be positive, negative, or neutral, whether it's an opportunity, an obstacle, or an obligation. That's where ISO 31000 comes in. For some time, Texas was the only state to adopt ISO 31000 as the state ERM standard. They did it through the utilization of guidelines written in collaboration with contributors. [43:29] They're called the Texas Enterprise Risk Management Guidelines. They don't tell people what to do but they give people a framework for how to answer questions of risk and make decisions. The meta-framework of the guidelines is called Governance, Risk, and Compliance (GRC), developed by OCEG, the Open Compliance and Ethics Group. [44:23] The meta-framework of GRC is that enterprise risk is about critical disciplines. That's the true enterprise risk model. It deals with governance and oversight, Gerald's role; and strategy and performance, James's role. Risks and decisions, compliance and ethics, security and continuity, audit and assurance; each of these domains has to be integrated into an ERM model. [45:00] SORM uses ISO 31000 as it is sufficient to their needs, but they still pull from other standards, such as COSO or SERM. [45:58] James says it's not necessarily the brand of framework you choose that is important. It's the vocabulary that you need to understand. SORM picked ISO 31000 and all the state agencies they work with took a course in it so they all had the same vocabulary. As long as everyone understands the standard, they can apply it. [46:44] The Texas Enterprise Risk Management Guidelines are known as the TERM-G or TERM Guidelines. [47:24] Gerald has a degree in psychology. It was a soft skill that was sought when he entered the workforce. There's a lot of stress on employees and it's important for the leadership team to have the right skill set to work with stressed employees and meet some of their needs. Gerald recalls Enron and the need to make hard choices about ethical behavior. [51:03] Gerald has had an extensive relationship with RIMS. He reminisces about attending RISKWORLD many times when he was with Zurich and cutting deals on the floor. We're in a world where change is increasing and the ability to get fresh, insightful information allows organizations like SORM to think through the next round of strategies to manage the risks. [52:23] Gerald knows the value in RIMS and looks forward to participating in this upcoming panel at DFW. [52:33] Gerald, Stephen, and James will be at the RIMS DFW Conference in September. Gerald will discuss the macro forces at work that have the potential to impact loss cost for SORM, and the state of the reinsurance market which is linked to SORM's ability to get property capacity. [53:06] Gerald says they want to talk about the interplay between risk managers and the boards they report to. Boards are taking a harder look at risk managers. Boards don't like surprises. It takes quality communication with the board. There also has to be strong orientation of new board members so they can act as proactive business partners as they face the challenges. [53:56] Also, the an ongoing discussion about broadening risk appetite and tolerance. The importance of parametric insurance, understanding how the market is behaving. Capacity is being contracted in Florida and the Gulf states and there have to be additional ways of dealing with risk. SORM provides good advice-based education on the proper coverages needed. [55:09] James will talk about how, when he was a new risk manager years ago and risks were new to him, through RIMS, he was connected with a host of individuals who had seen the same risks every day and were veterans of it. RIMS is a support system for a new risk manager. [55:22] He will speak of the tools RIMS provides, like the benchmark surveys, white papers, and articles, like the Hurricane Preparedness 2024 article, that came out 15 days before Beryl was approaching across the Gulf. SORMS is similar to an insurance carrier in Texas, except they want to look at your risk model, policies, and procedures. If there's a gap, then get insurance. [56:31] SORMS is not in it for profit but for protection and what's best for the state of Texas. [56:43] Stephen will talk about the relationships with RIMS over the years the relationships established and the outstanding resources that are available. He finds the compensation report a bit of a downer, though, personally, working for the State Government! [57:32] RIMS and associations like RIMS are essential for upholding high ethical standards and integrity in the profession and are also important for self-governance. When professionals agree on high standards of operation, that keeps the government out of your business. Stephen also talks about other aspects of SORM that people may not know about. [59:41] There are big risks on the horizon that could be talked about, like climate change, cybersecurity, artificial intelligence, political risk, civil unrest, inflationary pressures, global market volatility and alternative risk financing, and the pandemic moving into endemic with massive economic and societal impacts. [1:01:20] Justin thanks Gerald Ladner, Sr., Stephen Volbrecht, and James Cox for being on RIMScast. Anyone who wants to hear more from SORM will travel out to Dallas on September 19th for the DFW RIMS Annual Meeting! Justin will be there and looks forward to seeing them in person, hearing what they have to say, and shaking their hands for a big group shot! [1:01:57] Special thanks again to all of our guests from the Texas State Office of Risk Management, Gerald Ladner, Sr., Stephen Volbrecht, James Cox, and of course, former DFW RIMS President, Penni Chambers, who was also on the RIMS Board of Directors. The DFW RIMS Fall Conference and Spa Event will be held on September 19th and on the 20th is Spa Day. [1:02:24] Visit DFWRIMS.org to register. [1:02:27] Extra special thanks to our sponsor Hillwood. Hillwood is a leading multi-national real estate development company and part of the Perot family of companies. Hillwood's diverse portfolio includes industrial, logistics, corporate, office, retail, aviation, and multi-family housing developments. [1:02:43] Notably, Hillwood's Alliance Texas project has generated over 66,000 jobs and a $120 billion economic impact. Hillwood operates in 65 markets across North America and Europe, constantly seeking opportunities to create vibrant communities and deliver value to its partners. Visit Hillwood.com for more information. [1:03:07] It's Plug Time! The RIMS App is available to RIMS members exclusively. Go to the App Store and download the RIMS App with all sorts of RIMS resources and coverage. It's different from the RIMS Events App. Everyone loves the RIMS App! [1:03:42] You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate! Contact pd@rims.org for more information. [1:04:26] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [1:04:43] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [1:04:59] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [1:05:21] Thank you for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: DFW RIMS 2024 Fall Conference and Spa Event | Sept 19‒20 About our sponsor, Hillwood: Hillwood.com RIMS Canada Conference 2024 — Oct. 6‒9 | Registration is open! RISKWORLD 2025 will be in Chicago! May 4‒7 RIMS DEI Council RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS Strategic & Enterprise Risk Center NEW FOR MEMBERS! RIMS Mobile App Spencer Educational Foundation — Funding Their Future Gala 2024   RIMS Webinars: Hurricane Preparedness in 2024: Innovations and Strategies | Sponsored by ServPro | Aug. 8, 2024 How to Successfully Deploy AI in Risk Management | Sponsored by Riskonnect | Aug. 27, 2024 HUB Ready for Tomorrow Series: Pivot and Swerve — Staying Agile During Shifting Market Dynamics | Sept. 12, 2024 RIMS.org/Webinars   Upcoming Virtual Workshops: Leveraging Data and Analytics for Continuous Risk Management (Part I) 2024 — Aug 15 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Sponsored RIMScast Episodes: “Partnering Against Cyberrisk” | Sponsored by AXA XL (New!) “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response “Cyberrisk Outlook 2023” | Sponsored by Alliant “Chemical Industry: How To Succeed Amid Emerging Risks and a Challenging Market” | Sponsored by TÜV SÜD “Insuring the Future of the Environment” | Sponsored by AXA XL “Insights into the Gig Economy and its Contractors” | Sponsored by Zurich “The Importance of Disaster Planning Relationships” | Sponsored by ServiceMaster   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interviews featuring RIMS Risk Management Honor Roll Inductee Mrunal Pandit!   RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guests: Stephen Volbrecht, Executive Director for the State Office of Risk Management (SORM) James Cox, Division Chief of Strategic Programs (SORM) Gerald Ladner, Sr., Chairman of the Board of Directors (SORM) Penni Chambers, former DFW RIMS president and RIMS Board Chairperson   Tweetables (Edited For Social Media Use): The cheapest injury that you ever have is the one that doesn't happen. — Stephen Volbrecht   Our approach is never to underestimate what can happen. Uncertainty is at the basis of all risk; not understanding what the consequences may be. So what you do is you anticipate the worst-case scenario, you prepare for that, and then you go from there. — Stephen Volbrecht   No matter the specialization in the military, the military does very well operating in high- or higher-risk environments. They drill mission and safety in equal parts. — James Cox   We're in a world where change is increasing and the ability to get fresh, insightful information allows organizations like SORM to think through the next round of strategies so that we can manage the risks. — Gerald Ladner, Sr.  

Welcome to this episode of, In Your Best Interest, an ALM First podcast. Have you ever wondered how financial institutions can stay ahead of uncertainties and manage competitive pressures? Join us as Jessica Coulis and Ben Schexnayder reveal the secrets of Enterprise Risk Management (ERM) and its critical role for many institutions. Through personal stories and professional insights, they detail how ERM can break down departmental silos, foster collaboration, and provide a comprehensive view of risks that enhances strategic decision-making. Listen in to understand how a holistic approach to risk management can transform your organization's ability to navigate rapidly changing environments.Unlock best practices for strategic risk management, with a focus on dynamic risk appetite statements and proactive risk metric monitoring. Jessica and Ben discuss how aligning products and services with an organization's risk-taking philosophy ensures new offerings fit within the company's risk appetite. Additionally, get a deep dive into the challenges of deposit sourcing, loan growth, and FinTech integration, all while emphasizing the significance of creating a robust risk culture. Don't miss this opportunity to learn how a strong ERM program can prevent financial surprises and build resilience in today's volatile market.

Guest: Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario)On LinkedIn | https://www.linkedin.com/in/kush-sharma-9bb875a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn the latest episode — Part 1 of 3 Parts — of the Redefining CyberSecurity Podcast on ITSPmagazine, host Sean Martin dives into a comprehensive discussion with Kush Sharma, a distinguished leader with vast experience across Accenture, Deloitte, the City of Toronto, and CP Rail. The conversation explores the intricacies of building a Chief Information Security Officer (CISO) office from the ground up, offering invaluable insights for current and aspiring CISOs.Kush Sharma emphasizes the multifaceted role of a CISO, particularly the distinct challenges faced when establishing a cybersecurity program in various organizational contexts—government, private sector, and consulting firms. He points out that in governmental environments, the focus is typically on how to benefit citizens or internal staff while operating under tight scrutiny and budget constraints. In contrast, consulting and private sectors prioritize efficiency, quick deployment, and direct benefits to the organization.A significant part of the discussion centers on enterprise risk management. Sharma highlights the importance of aligning cybersecurity initiatives with organizational objectives. From mergers and acquisitions (M&A) to digital transformations, CISOs must ensure that their strategies mitigate risk while supporting the broader business goals. Kush Sharma advises that during such major projects, security measures need to be integrated from the ground up, focusing on things like role-based access and the segmentation of business processes.Additionally, the challenges of engaging with governmental bodies are explored in depth. Sharma explains the extensive bureaucratic processes and the need for consensus-building, which often lead to significant delays. Understanding these processes allows for better navigation and more efficient outcomes. Sharma also brings out the importance of understanding and acting upon business processes when integrating cybersecurity measures. For instance, in large-scale ERP implementations, it is crucial to map out detailed roles and ensure that security provisions are applied consistently across all integrated systems. By focusing on the distinct roles within these processes, such as AP clerks or accounting managers, CISOs can develop more granular and effective security measures.The episode underscores that success in building a CISO office lies in strategic alignment, efficient resource allocation, and thorough understanding of both technical and business processes. For cybersecurity leaders, this conversation with Kush Sharma offers crucial guidance and real-world examples to help navigate their complex roles effectively. Be sure to listen to the episode for a deeper dive into these topics and more. And, stay tuned for Parts 2 and 3 for even more goodness from Sean and Kush.Top Questions AddressedWhat are the complexities of establishing a CISO office from scratch?How do the requirements and focus differ when establishing a cybersecurity program in governmental versus private sectors?What is the approach to managing enterprise risk during digital transformations and mergers & acquisitions (M&A)?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Guest: Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario)On LinkedIn | https://www.linkedin.com/in/kush-sharma-9bb875a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn the latest episode — Part 1 of 3 Parts — of the Redefining CyberSecurity Podcast on ITSPmagazine, host Sean Martin dives into a comprehensive discussion with Kush Sharma, a distinguished leader with vast experience across Accenture, Deloitte, the City of Toronto, and CP Rail. The conversation explores the intricacies of building a Chief Information Security Officer (CISO) office from the ground up, offering invaluable insights for current and aspiring CISOs.Kush Sharma emphasizes the multifaceted role of a CISO, particularly the distinct challenges faced when establishing a cybersecurity program in various organizational contexts—government, private sector, and consulting firms. He points out that in governmental environments, the focus is typically on how to benefit citizens or internal staff while operating under tight scrutiny and budget constraints. In contrast, consulting and private sectors prioritize efficiency, quick deployment, and direct benefits to the organization.A significant part of the discussion centers on enterprise risk management. Sharma highlights the importance of aligning cybersecurity initiatives with organizational objectives. From mergers and acquisitions (M&A) to digital transformations, CISOs must ensure that their strategies mitigate risk while supporting the broader business goals. Kush Sharma advises that during such major projects, security measures need to be integrated from the ground up, focusing on things like role-based access and the segmentation of business processes.Additionally, the challenges of engaging with governmental bodies are explored in depth. Sharma explains the extensive bureaucratic processes and the need for consensus-building, which often lead to significant delays. Understanding these processes allows for better navigation and more efficient outcomes. Sharma also brings out the importance of understanding and acting upon business processes when integrating cybersecurity measures. For instance, in large-scale ERP implementations, it is crucial to map out detailed roles and ensure that security provisions are applied consistently across all integrated systems. By focusing on the distinct roles within these processes, such as AP clerks or accounting managers, CISOs can develop more granular and effective security measures.The episode underscores that success in building a CISO office lies in strategic alignment, efficient resource allocation, and thorough understanding of both technical and business processes. For cybersecurity leaders, this conversation with Kush Sharma offers crucial guidance and real-world examples to help navigate their complex roles effectively. Be sure to listen to the episode for a deeper dive into these topics and more. And, stay tuned for Parts 2 and 3 for even more goodness from Sean and Kush.Top Questions AddressedWhat are the complexities of establishing a CISO office from scratch?How do the requirements and focus differ when establishing a cybersecurity program in governmental versus private sectors?What is the approach to managing enterprise risk during digital transformations and mergers & acquisitions (M&A)?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Dr. Karen Hardy discusses with her guest the practice of Enterprise Risk Management at the Port of Jamaica.

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   Justin Smulison interviews three of his favorite people, Lorie Graham, Trisha Sqrow, and Dr. Lianne Appelt, who are the three authors of the new RIMS Executive Report, Developing and Refining Risk Appetite and Tolerance. They discuss how the executive report was conceived and written, and what the challenges were in writing it. The report contains insight and direction on the need for a clear and accessible risk appetite statement and risk tolerance in any organization using ERM. They speak of challenges risk professionals face in setting a risk appetite statement, and why risk appetite is essential for organizations today, Key Takeaways: [:01] About RIMS and RIMScast. [:15] About this episode of RIMScast, coming to you from RIMS Headquarters in New York. We will be joined by past and present members of the RIMS Strategic and Enterprise Risk Management Council to discuss their new RIMS Executive Report, Developing and Refining Risk Appetite and Tolerance. [:47] First, let's talk about RIMS Virtual Workshops. The full calendar of virtual workshops is at RIMS.org/VirtualWorkshops. On June 11th and 12th, we've got Applying and Integrating ERM. Also on June 11th and 12th, we have Fundamentals of Insurance. On June 18th and 19th, we have Fundamentals of Risk Management. [1:09] On July 9th and 10th, we have Managing Workers' Compensation. On July 23rd and 24th, we have Claims Management. Other dates for Fall and Winter are on the Virtual Workshops full calendar at RIMS.org/VirtualWorkshops. [1:27] Let me tell you about the new dedicated RIMScast episode that just went live, sponsored by Otoos, “Accident Prevention — The Winning Formula For Construction and Insurance”. I interviewed Dana Kfir, the Director of Customer Success at Otoos about how technology can improve safety on construction sites and how companies can use incentives to drive change. [1:57] The link to this dedicated episode is in this episode's show notes. It is complimentary for RIMS members and nonmembers. Go check it out! If you are interested in producing a similar special episode of RIMScast that features your organization and is tailored to meet the needs of your audience, reach out to us at Content@RIMS.org or Sales@RIMS.org. [2:23] The RIMS Canada Conference 2024 will be held in Vancouver from October 6th through October 9th. The deadline for session submissions has been extended through May 30th! Visit RIMSCanadaConference.ca or the link in this episode's show notes to learn more about how you can submit your educational session for consideration at RIMS Canada Conference 2024. [2:54] As mentioned, RIMS has a new Executive Report called Developing and Refining Risk Appetite and Tolerance. It is available through the link in this episode's show notes and through the Risk Knowledge page at RIMS.org. The report was jointly authored by three of my favorite people, Lorie Graham, Trisha Sqrow, and Dr. Lianne Appelt. [3:19] All have been featured in the ERM Q&A Series. Trisha and Lorie have both been featured here on RIMScast, and Lianne is making her debut. We're going to talk all about this wonderful new Executive Report that was just released. We'll see where we can extend the dialog beyond the report. [3:43] Lorie Graham, Trisha Sqrow, and Dr. Lianne Appelt, welcome to RIMScast! [3:53] I am joined by three of my favorite RIMS members. Two of you are returning to RIMScast. One is making your RIMScast debut, Dr. Lianne Appelt. People might know Dr. Lianne Appelt from RIMS-CRMP Stories, earlier this year. [4:36] Trisha Sqrow of Marsh is next. Trisha says it's great to be part of the Strategic and Enterprise Risk Management Council. Trisha was with DFW Airport when they received Honorable Mention for the ERM Award of Distinction in 2021. [5:38] Lorie Graham is “the leading Oracle of ORSA.” Lorie was the Vice-Chair and Chair of the RIMS Strategic and Enterprise Risk Management Council. As the former Chair, Lorie kept her word and helped see this paper through. [6:23] Lianne says that putting together a risk appetite statement or devising risk tolerance levels or the other elements described in this paper are some of the hardest things we do as risk professionals. When this was discussed in the Council, Lianne saw potential value in having a guide with examples for risk practitioners to learn from and use to grow their programs. [7:54] This paper was Trisha's first project on the Strategic and Enterprise Risk Management Council (SERMC). Through working on this paper, Trisha got to know Lorie and Lianne. She used her knowledge and grew a lot in the knowledge gained from Lorie and Lianne. They divided and conquered, each doing an aspect of the project. [8:43] Lorie says working on the paper was a shared responsibility. They each had a different perspective, coming from different industries, having different roles, and facing different challenges in their organizations. It was fun to learn from each other. [9:30] Developing and Refining Risk Appetite and Tolerance is available through a link in the show notes. Lorie says that risk appetite is the direction your company wants to go and tolerance is the amount of variability around that target that you are willing to accept. Tolerance statements are like guard rails. Lorie explains more about risk appetite. [11:15] Lianne talks about when and how to start developing risk appetite and tolerance. It is discussed in detail in the paper. It depends on the circumstances, your stakeholders, and your leadership team. It can take a lot of input, iterations, and time. Use the guidance of your risk culture and make sure you achieve your objectives as a risk practitioner. [13:04] Lianne says a big part is understanding the culture and the organization. Risk appetite is usually one of the last things an organization addresses because it is hard. Your impact statements can inform your appetite and tolerance statements. [14:53] Lorie says the words of the risk appetite statement need to reflect metrics that are important to your business, in the language of the business, and connect to your business goals so people see why it is important. People need to understand the statements. Keep them fresh as the business evolves and the environment changes. [15:55] Whittling the statements down to one or two sentences can be hard, but it is important. It won't be perfect the first time. See how people translate it into the business. [16:27] It's RIMS plug time! Webinars! On June 6th, Evident ID makes its RIMS Webinars debut with Uncovering Hidden Risks in Your Third-Party Risk Management Program. On June 13th, our friends at Riskonnect return to present Unlocking the Value of Business Continuity and Insurable Risk Management. There are more to be announced for June and July! [16:52] Register at RIMS.org/Webinars. Webinars are complimentary for RIMS members! [16:59] The RIMS ERM Conference 2024 will be held on November 18th and 19th in Boston, Massachusetts. The agenda will be announced soon, as will a call for submissions for the ERM Award of Distinction. I'll have that link up soon on an upcoming episode. [17:17] Review your organization's ERM program, and if you feel it was successful and you have the numbers and the data to back it up, compile that information and get ready to submit your ERM program for the ERM Award of Distinction. [17:32] The Spencer Educational Foundation has the goal of helping build a talent pipeline of risk management and insurance professionals. They achieve that goal in part through a collaboration with risk management and insurance educators across the United States and Canada. This also applies to not-for-profit entities. [17:51] If this description applies to you, you should apply for a Spencer General Grant. The application deadline is July 30th, 2024. General Grant awardees are typically notified at the end of October. [18:07] The Spencer 2024 Funding Their Future Gala will be held on Thursday, September 12th, 2024 at The Cipriani 42nd Street in New York City. Links are in this episode's show notes. [18:43] Dr. Lianne Appelt is featured now on the RIMS-CRMP Stories.  A link is in the show notes. Lianne speaks of common challenges risk professionals face when developing risk appetite and tolerance statements. A lot of the challenges are interdependent. One challenge is where setting a risk appetite statement and developing tolerance ends up being a compliance activity. [19:28] For many, it is a “check-the-box” exercise they don't want to spend a ton of time, effort, or energy thinking about how it can add value to the business. They want to do the bare minimum and move on. That leads to another challenge, the “set-it-and-forget-it” situation. If it sits on a shelf or in a Dropbox folder and nobody looks at it, it doesn't add any value to the program. [20:41] Trisha says some of it is having an unclear value proposition and not relating it to the business or the culture of the organization. People ask, “We're doing fine, there have never been issues, so why do we need this?” The value proposition of appetite and tolerance is that it empowers decision-making throughout the organization. It replaces bureaucracy in decisions. [21:36] Statements of risk appetite and tolerance allow you to allocate resources properly to bump up tolerance when needed. They help the organization to be more agile. They tie ERM to your business's strategic goals and initiatives. [22:43] One of the biggest challenges Lorie faced was asking herself, if you set a tolerance and exceeded the tolerance, did you fail? If you exceeded the appetite, did you fail? It's not failure, it's an opportunity to see it coming, know that you're reaching it, and have a strategy before you get there to change your trajectory, risk appetite statement, or goals. [23:26] Get people on board with the understanding that not hitting the target isn't a failure. As you're developing the program, allow for what to do when you need to make an exception. How does that play into how you report? You want to make it so it's not punitive. You want a culture of people being open about variances. It might be an opportunity to be OK with an exception. [24:32] You don't want to chase the data and adjust your tolerance all the time, but it's OK to look at what your appetite is, as you go forward. [24:47] Lianne says another common challenge is the organization's leadership, board or legal team has decided that they absolutely will not put something on paper in terms of risk appetite. That is fairly common in industries like tech, where there is no mandate for ERM. The risk team has to come to the table and demonstrate that value proposition so the leadership understands. [25:30] If the leadership is adamantly against it, what do you do? That is touched on in the executive report. You can achieve objectives without having a formal risk appetite statement. [25:48] Lorie has not seen leadership resistance, as she is in the financial industry where risk appetite statements and tolerance are required. She addresses falling out of target for tolerance. If you've done it right, you see it coming and have a risk response plan. Lorie shares a financial example where an action plan is triggered and a crisis is prevented. [27:13] Trisha and Lianne presented this at RISKWORLD 2024. It was well-attended with lots of audience participation. They had made a similar presentation at the ERM Conference in Denver. The topic has led to more questions and comments than Trisha has ever had at a speaking event. When they put up the QR code for the paper, lots of phones went up. [28:09] Lianne thought it was fantastic. There were good questions. Lots of people resonated with the challenges Trisha and Lianne presented. Lianne hopes the paper will help guide them on their journeys. If anyone wants to download the paper it is available on the Risk Knowledge page of RIMS.org. Lianne has gotten emailed questions from the session and answered them. [29:30] Lianne was an extra in Wonder Woman 2. Justin was an extra in Find Me Guilty with Vin Diesel, directed by Sidney Lumet. [31:14] Lorie looks first and foremost for curiosity in a new hire for ERM. You need to be curious about the cause and effect of things. You also need good data analytic skills, and acumen for making critical decisions, using deduction, and coming to conclusions. With those skill sets, you can be tremendous at ERM risk management. [31:56] Trisha looks for collaboration. A risk practitioner works with people from all over the organization. She looks for people able to gather and understand people's points of view and meet them where they are, sometimes with persuasiveness. It is important to speak to people at all levels of the organization. ERM is at that strategic level so you'll have to speak with leaders. [32:59] On top of those great qualities, Lianne adds perseverance and flexibility. Especially in tech, there is constant change and evolution. If something doesn't work the first time, you can't give up. You have to be able to maneuver situations creatively and come up with solutions that speak to the culture of the business. That makes you more collaborative and successful in ERM. [33:42] This has been such a fun interview. You wrote a terrific paper, Developing and Refining Risk Appetite and Tolerance. We appreciate all you do for RIMS! On behalf of the organization, thank you very much! [34:11] Special thanks once again to Lorie Graham, Trisha Sqrow, and Dr. Lianne Appelt for joining us here today on RIMScast. They co-authored the new RIMS professional report, Developing and Refining Risk Appetite and Tolerance. It is available through a link on this episode's show notes. We're very grateful to them for all their contributions. [34:33] We hope to see them in some capacity at the RIMS ERM Conference 2024 in Boston, Massachusetts, November 18th and 19th. More details about that conference are on the way. [34:46] It's plug time! The RIMS App is available to RIMS members exclusively. Go to the App Store and download the RIMS App with all sorts of RIMS resources and coverage. It's different from the RIMS Events App. Everyone loves the RIMS App! [35:18] You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate! Contact pd@rims.org for more information. [36:01] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [36:19] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [36:35] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [36:56] Thank you for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS Executive Report: Developing and Refining Risk Appetite and Tolerance RISKWORLD 2025 will be in Chicago! May 4‒7 RIMS DEI Council Spencer Educational Foundation — Grants Page — Apply Through July 30 RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Virtual Workshops RIMS Strategic & Enterprise Risk Center NEW FOR MEMBERS! RIMS Mobile App RIMS Canada 2024 — Submit a session through May 30!   Guests' prior interviews: “ORSA Reporting: It Seems To Be A Hot Topic with Lorie Graham” “Trisha Sqrow Talks ERM in the Air and on the Ground” Dr. Lianne Appelt: RIMS-CRMP Interview   RIMS Webinars: Uncovering Hidden Risks in Your Third-Party Risk Management Program | Sponsored by EVIDENT ID | June 6, 2024 Unlocking the Value of Business Continuity and Insurable Risk Management | Sponsored by Riskonnect | June 13, 2024 RIMS.org/Webinars   Upcoming Virtual Workshops: See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “Scenario Planning with the RIMS SERMC” “Climate Disclosures with RISKWORLD 2024 Session Leader Jana Utter” “Solving Wicked Problems with Dr. Gav Schneider” “Live From RIMS ERM Conference 2023”   Sponsored RIMScast Episodes: “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos (New!) “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response “Cyberrisk Outlook 2023” | Sponsored by Alliant “Chemical Industry: How To Succeed Amid Emerging Risks and a Challenging Market” | Sponsored by TÜV SÜD “Insuring the Future of the Environment” | Sponsored by AXA XL “Insights into the Gig Economy and its Contractors” | Sponsored by Zurich “The Importance of Disaster Planning Relationships” | Sponsored by ServiceMaster   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interview featuring RIMS Treasurer Manny Padilla! Spencer Educational Foundation “Leveraging Insurance and Risk Management to Address Political Risk” — RIMS Executive Report   RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guests: Lorie Graham, Senior VP and Chief Risk Officer at American Agricultural Insurance Company Trisha Sqrow, Vice President at Marsh   Lianne C. Appelt, Sc.D., RIMS-CRMP, Head of Enterprise Risk Management at Salesforce   Tweetables (Edited For Social Media Use): Putting together a risk appetite statement or devising risk tolerance levels or any of the elements described in this paper are some of the hardest things we do as risk professionals. — Dr. Lianne Appelt   Risk appetite is the direction your company wants to go and tolerance is the amount of variability around that target you are willing to accept before you change your strategy. — Lorie Graham   For many, setting a risk appetite statement and developing tolerance is a “check-the-box” exercise they don't want to spend a ton of time, effort, or energy thinking about how it can add value to the business. — Dr. Lianne Appelt   In a new ERM hire, I look for collaborative skills. A risk practitioner works with people from all over the organization. I look for people able to gather and understand people's points of view and meet them where they are, sometimes with persuasiveness. — Trisha Sqrow

In this episode of Global Risk Community Chat, we delve into enhancing enterprise risk management through process capability with Michael Schank, a seasoned consultant with extensive experience at Accenture, EY, Citibank, and Bank of America.  Michael introduces his groundbreaking Process Inventory Framework, which he details in his book "Digital Transformation Success: Achieving Alignment and Delivering Results with the Process Inventory Framework". This framework is designed to unify teams by creating a common language tailored to business needs, which in turn enhances risk assessments and control designs across various enterprise levels. We discussed how this approach not only strengthens the foundational data model of GRC platforms but also facilitates a cohesive operational intelligence system. This integration is crucial for managing risks effectively and aligning the three lines of defense in risk management. Michael also shares insights into building resilient operational systems capable of withstanding diverse risks, from cyber security threats to sustainability challenges. If you are a Chief Risk Officer or involved in risk management, this conversation offers valuable perspectives on aligning process management with enterprise risk strategies. For more insights from experts like Michael Shank or to be our guest, send your email to info@globalriskconsult.com with the subject "Guest Proposal." Stay informed and ahead in your field with more content from the Global Risk Community, your platform for professional risk discourse.

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   Justin Smulison interviews returning guest Jana Utter. Jana is the 2022 Risk Management Honor Roll inductee and a former RIMS SERMC Chair. Jana remains active on RIMS committees. On May 6 at 2:45 pm, she will co-host a RISKWORLD session, Sustainability Reporting: Making ERM Transparent: Environmental, Social and Governance in ROOM 25AB. The SEC is in the news with final and proposed Climate Disclosure Rules announced. Jana shares her knowledge, experience, and risk philosophy, a cluster of acronyms, and why ERM needs to connect more fully with ESG. Jana will be co-hosting a session on the ESG track with Bob Wirth at RISKWORLD 2024. Listen in to learn more about emerging ESG risk reporting and disclosure. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration for RISKWORLD 2024 is now open. Explore infinite opportunities with RIMS from May 5th through May 8th, 2024, in San Diego, California. Register at RIMS.org/RISKWORLD. [:31] About today's episode of RIMScast. My friend Jana Utter returns to discuss ERM, ESG, and the new Climate Reporting Disclosures; the SEC, the CSRD, and more. We've got a lot of acronyms today! [1:01] As you know, RISKWORLD 2024 is coming up from May 5th through May 8th, 2024, in sunny San Diego, California. Registration is open at RIMS.org/RISKWORLD. Register today! There's a link in this episode's show notes. [1:22] In Episode 276 of RIMScast we had opening keynote Peter Diamandis join us. Check out that episode for just a taste of what's in store for RISKWORLD 2024. The full roster of keynotes has been announced! I'm so excited! We will be welcoming Academy Award-winning actress, director, and activist, Marlee Matlin! [1:46] For our industry keynote, we will be rejoined by Evan G. Greenberg, the Chairman and Chief Executive Officer of Chubb Limited and Chubb Group. That session will be sponsored by Chubb. Just announced, our closing keynote on May 8th will be Daymond G. John. You know him from Shark Tank. He's also the Founder of FUBU. I'm a big fan! [2:10] I'm extremely excited about that closing keynote on May 8th! Experience all the energies of our keynotes at RISKWORLD! Register at RIMS.org/RISKWORLD. We want to see you there! [2:24] Today's guest is one of my favorites. She is Jana Utter, the Vice President of Enterprise Risk Management at Centene Corporation. In 2022, RIMS named her to the Risk Management Honor Roll. She is the former chair of the RIMS Strategic and Enterprise Risk Management  Council. Jana is knowledgeable about ERM and ESG. [2:50] Since there were new SEC Climate Disclosure Rules announced, I wanted Jana to come back on the show and fill us in on what we need to know. This dialogue will dovetail with her upcoming RISKWORLD session on May 6th at 2:45 p.m. in Room AB25, Sustainability Reporting, Making ERM Transparent. It is part of the ESG track. She'll be co-presenting with Bob Hirth. [3:25] Jana Utter, welcome back to RIMScast! Jana was the 2022 RIMS Risk Management Honor Roll Inductee. Jana and Justin go back quite a few years. This is her third time as a RIMScast guest. Jana was the chair of the RIMS Strategic and Enterprise Risk Management Council. She misses it a bit but has moved on to other RIMS volunteer activities. [4:10] Jana is here to discuss the SEC Climate Disclosures in the news. The U.S. SEC proposed final rules for Sustainability Reporting Standards. Also, the EU Corporate Standard Reporting Directive (CSRD) is making headlines. [5:02] Jana thinks it is important as risk professionals to think of sustainability in the same way that we think about enterprise risk management. They are both important. Jana speaks of the 2017 COSO ERM Update, Integrating Strategy with Performance. [5:29] That COSO document says that ERM helps enhance performance by more closely linking strategy and business objectives to risk. ERM affects value strategy and is linked to the business. The COSO framework also discusses how ERM leads to better decision-making. [5:48] The International Sustainability Standards Board (ISSB) says sustainability factors are becoming part of mainstream investment decision-making. Companies are called upon to provide high-quality global comparable information on sustainability reported risks and opportunities. [6:28] As ERM professionals, we are trying to identify risks to help protect the value and future ongoing business concerns of the company. Sustainability reporting is trying to do the same thing, protect the long-term value of the company. To Jana, that seems to be a natural fit. [7:00] Justin and Jana agree that the data should support the story-telling of the organization or the risk professional. Sustainability reporting is a big part of that data, just as financial statements are. [7:17] Sustainability reporting disclosures publish additional information by a company to inform stakeholders, including investors, business partners, employees, and customers. Jana thinks about it the same way as about financial statement information, which caters to the same stakeholder audience. [8:14] Jana notes it's important to know which of the different reporting directives for sustainability reporting standards apply to your company in the jurisdictions or geographies in which your company operates. Global sustainability disclosures are not 100% consistent. In the U.S., some states have additional expectations for ESG reporting above the SEC rules. [10:10] ESG is showing up in commercials. Jana finds that interesting as her friends and family still don't know what the acronym ESG means. It's appearing in the mainstream, with DEI. [11:31] Jana says that a lot of people who are responsible for enterprise risk management, including her industry peers, are not also responsible for sustainability reporting and disclosures. How can risk professionals get connected to the sustainability reporting team? [12:23] Jana recommends risk professionals use the RACI matrix: Who's Responsible? Who's Accountable? Who's Consulted? And Who's Informed? If you're not in this matrix, ask to join it as a consultant. She lists ways to contribute by connecting to different areas of the company. [13:56] It's important to know where your company operates. U.S. companies with no operations outside the U.S. may be able to follow the IFRS SASB Sustainable Accounting Standards and the SEC Climate Disclosure rules and other SEC-related rules that cover sustainability, as well as any state rules. [14:59] If you're U.S.-based with any operations in Europe, you're going to want to monitor CSRD and make sure you understand and follow that protocol. That should cover you for the majority of any sustainability risks in the U.S. [15:42] Jana's go-tos are the International Financial Reporting Standards (IFRS), International Sustainability Standards Board (ISSB), and Sustainability Accounting Standards Board (SASB). ISSB includes the Taskforce on Climate-Related Financial Disclosure (TCFD). TCFD and CDP (formerly Carbon Disclosure Project) are closely aligned. [16:46] Jana repeats, pay attention to the IFRS and what they do. IFRS is geared to the investor community. Also watch the Global Reporting Initiative (GRI), which is focused on social and environmental impact reporting. [17:46] SASB is the Sustainability Accounting Standards Board. Justin invites you to look for these acronym links in the show notes. [18:06] RIMS plug time! You can sign up now for RISKWORLD pre-conference workshops. They will all be held on May 4th and 5th at the San Diego Convention Center. The link is in this episode's show notes. [18:19] The topics include but are not limited to Applying and Integrating ERM, Fundamentals of Insurance, and a RIMS-CRMP Exam Prep Workshop. Go to RIMS.org/RISKWORLD, go to Learn, and then Workshops and you'll find them there. [18:35] RIMS Virtual Workshops: Visit RIMS.org/virtualworkshops to see the full calendar. Virtual workshops are in session, beginning in June, starting with Leveraging Data and Analytics for Continuous Risk Management. That's a three-part course that begins on June 6th. We've got Fundamentals of Insurance on June 11th and 12th. [18:55] We've got Fundamentals of Risk Management on June 18th and 19th and we've got Captives as an Alternate Risk Financing Technique on June 26th and 27th. More information about these workshops and others is on the RIMS Virtual Workshops page and a link is in this episode's show notes. [19:13] If you attend RISKWORLD, be sure to download the RIMS Events App. This is different from the RIMS App, available only to members. The RIMS Events App will help you keep sessions organized, take notes, communicate with other attendees, and a whole lot of other great features because there's so much happening. This is a great way to stay on schedule. [19:38] On May 8th, at 2:10 p.m., please go over to the Global Studio and check out RIMScast Live for a special session with RIMS Risk Manager of the Year 2024, Steve Robles. Steve received the award for his fantastic work with LA County. We will discuss his career and we will give all of you a chance to ask him anything that's on your mind. [20:03] Steve's a great guest. We've already  recorded next week's episode together. In a clip from the episode, Steve says his risk group at LA County was responsible for about 100K county employees. He didn't know all their names, but if he knew their name, that was probably a bad thing! Be sure to tune in to RIMScast next week for more podcasting gold! [20:35] Steve was a lot of fun and our session at the Global Studio on May 8th at 2:10 p.m. is going to be a blast! Be there! [20:43] Webinars: On April 30th, to close out Supply Chain Integrity Month, we welcome Moody's, who will present Resilience in Turbulent Times: Navigating Geopolitical Challenges in Supply Chains. Our friends from TÜV SÜD GRC will return on May 23rd with Respond to Emerging Risks with a Winning Property Loss Control Formula. [21:08] On June 6th, Evident ID makes its RIMS Webinar debut with Uncovering Hidden Risks in Your Third-Party Risk Management Program. On June 13th, our friends at Riskonnect return to present Unlocking the Value of Business Continuity and Insurable Risk Management. That's a great line-up for the next couple of months! [21:30] Visit RIMS.org/Webinars to learn more about these webinars and to register! Links are in the show notes. Webinar registration is complimentary for RIMS members. [21:38] The RIMS ERM Conference 2024 will be held on November 18th and 19th in Boston, Massachusetts. RIMS continues to present the best conference agenda by featuring the most engaged and knowledgeable risk professionals leading the discussions. [21:53] RIMS wants to hear from you. Submit your session by Friday, May 3rd. A link is in this episode's show notes. The best submissions will address current and future issues facing ERM practitioners and provide takeaways for an audience of risk professionals, business leaders, students, governmental officers, legal professionals, and more. [24:15] You must keep it relevant to ERM and Strategic Enterprise Risk Management. Remember, product sales pitches are not acceptable nor appropriate as part of the RIMS ERM Conference Education Program. [22:46] Jana Utter has a session at RISKWORLD on May 6th at 2:45 p.m. with Bob Hirth, called Sustainability Reporting: Making ERM Transparent. It's part of the ESG track. It will be in Room 25AB. Jana is excited about the session. There are a lot of great sessions that run concurrently, but everybody should head over to Room 25AB on May 6th at 2:45 to hear more from Jana! [23:35] Risk professionals are supposed to have a line of communication to the C-suite and the enterprise to take these announcements seriously. Jana says a risk professional has to treat sustainability reporting and disclosures like any other risk. An emerging risk can sometimes bubble up to become a noticed risk. [24:42] Jana tells of her experience in reporting what ERM saw as up-and-coming emerging risks, capturing ESG and sustainability-related risks, and reporting disclosure expectations bubbling up in emerging risks. It eventually gets the attention when the time is right. [25:40] Keep any emerging risk in the reporting to the extent possible. When the time is right, it will become important, not only to the ERM professional but to others where you've been trying to raise the flag. Risk professionals, make a note! [26:19] Jana says Scope 3 Emissions are pretty complex. It is comprised of 15 categories. Scope 1 is a company's use of natural gas. Scope 2 is its use of electricity. They're more straightforward. [27:16] The focus of Scope 3 is supply chain emissions. Most enterprise risk management professionals may not know or have had any reason to focus on how many suppliers their company has. It can be thousands or tens of thousands. It's challenging. [27:54] The Greenhouse Gas Protocol and other authoritative sources have ways to categorize types of vendors and use categorizations as a way to calculate emissions. It's still very complex and much more subjective. [28:30] To get the quality of reporting you need for financial statements, with external auditor reviews and having the same level of controls and tightness on the calculations, Scope 3 becomes quite complex. [28:56] Justin reads from the U.S. EPA guidance on Scope 3: “The result of activities from assets not owned or controlled by the reporting organization but that the organization indirectly affects in its value chain.” Scope 3 emissions include up-chain and down-chain. A risk professional has a lot of work to do dealing with Scope 3 emissions. [29:37] Jana mentions that a challenge around Scope 3 is double counting. A manufacturer uses a third party to deliver goods to a retailer. Both the manufacturer and the retailer count the third party for emissions. Communication has to occur between the manufacturer and its retailers. So Scope 3 emissions reporting is not required now. [31:04] Jana talks about possible consequences of the failure of an enterprise to comply with the rule. It will probably be similar to any other failure to report accurately. You'll get a letter with a deadline to comply. There could be levels of penalties. It could be the same as not filing your financial statements on time. Jana suggests you check with your legal counsel. [33:10] Another trend Jana sees is the rise of Artificial Intelligence. It's on everybody's mind. There are sessions at RISKWORLD on the upside and downside risks and benefits of AI. AI has the ability to bring together a lot of information for the ERM practitioner. It still needs human interaction to determine what those results might mean and play out for your company. [34:32] Jana would not limit the research to what the AI brought back for a data set. AI can't replace the human experience and reasoning ability. [35:05] Another topic Jana sees, as we get to 2025, people are looking to the end of the decade from a risk perspective, taking a little longer-term view than normal for risk professionals, looking past current and emerging risk and thinking ahead. How are the risks of today going to progress to 2030? Justin invites Jana to come back in 2030 for a look back! [36:32] Justin describes how he has eased into using AI for simple things. [37:17] On May 6, at 2:45 p.m. in Room 25AB, Jana will co-host a RISKWORLD session, Sustainability Reporting: Making ERM Transparent: Environmental, Social and Governance. It may be one of the last times we see Bob Hirth speaking in a session with Jana. Bob has quasi-retired. They will reminisce a bit about what came true and what did not. [38:57] Jana and Bob will take questions if there is time at the end and maybe during the session. Check out Sustainability Reporting: Making ERM Transparent. This is going to affect your organization! [39:22] Jana, it has been such a pleasure to reconnect with you! We always find your insights very enlightening. We'll have you back before 2030! Let's set a date after we wrap and a date for 2030! Thank you, Jana! [39:42] Special thanks again to Jana Utter for joining us here on RIMScast. She's one of our favorites and she will be one of yours, too, when you see her live at RISKWORLD, on May 6th at 2:45 p.m. in Room 25AB for Sustainability Reporting: Making ERM Transparent! Registered attendees should use the RIMS Events App to get you where you need to go at RISKWORLD. [40:08] Go to the App Store and download the RIMS App. This is an exclusive members-only benefit with all sorts of RIMS resources and coverage. It's different from the RIMS Events App. Everybody loves the RIMS App! [40:40] You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate! Contact pd@rims.org for more information. [41:25] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [41:43] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [41:59] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [42:20] Thank you for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RISKWORLD 2024 — San Diego, CA | May 5–8, 2024 RISKWORLD Pre-Conference Workshops RISKWORLD Speakers NEW FOR MEMBERS! RIMS Mobile App RIMS DEI Council Spencer Educational Foundation — Grants Page RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Virtual Workshops RIMS ERM Conference 2024 — Nov 18-19 — Boston, MA — Call For Session Submissions by May 3. RIMS Risk Management Awards Edition 2024 Spencer-RIMS Risk Management Challenge — Live at RISKWORLD SEC Climate Disclosures — March 2024 announcement (On March 6, 2024, the SEC issued a final rule different from the proposed rule.)   RIMS Webinars: Resilience In Turbulent Times: Navigating Geopolitical Challenges in Supply Chains | Sponsored by Moody's | April 30, 2024 Respond to Emerging Risks with this Winning Property Loss Control Formula | Sponsored by TÜV SÜD GRC| May 23, 2024 Uncovering Hidden Risks in Your Third-Party Risk Management Program | Sponsored by EVIDENT ID | June 6, 2024 Unlocking the Value of Business Continuity and Insurable Risk Management | Sponsored by Riskonnect | June 13, 2024 RIMS.org/Webinars   Upcoming Virtual Workshops: See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Related RIMScast Episodes: “ERM, ESG, and More Acronyms with Jana Utter” (2022) “Scenario Planning in 2024 with the RIMS SERMC” “RISKWORLD 2024 Keynote Peter Diamandis” “Harnessing Innovation's Promise with ERM Conference 2023 Keynote Bob Roitblat” “Live From RIMS ERM Conference 2023” “All Roads Lead to ERM” “ERM's Value Proposition with Chris Mandel” Sponsored RIMScast Episodes: “Platinum Protection: Underwriting and risk engineering's role in protecting commercial properties” | Sponsored by AXA XL (New!) “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response “Cyberrisk Outlook 2023” | Sponsored by Alliant “Chemical Industry: How To Succeed Amid Emerging Risks and a Challenging Market” | Sponsored by TÜV SÜD “Insuring the Future of the Environment” | Sponsored by AXA XL “Insights into the Gig Economy and its Contractors” | Sponsored by Zurich “The Importance of Disaster Planning Relationships” | Sponsored by ServiceMaster   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interview featuring Manny Padilla! Spencer Educational Foundation “Leveraging Insurance and Risk Management to Address Political Risk” — RIMS Executive Report   RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Jana Utter: Vice President, Enterprise Risk Management, Centene Corporation Tweetables (Edited For Social Media Use): It's important as risk professionals to think of sustainability in the same way we think about enterprise risk management. We think about ERM as being important. Then sustainability is also important. — Jana Utter   There's a lot out there and you can get overwhelmed by trying to meet the requirements or expectations of all of them. — Jana Utter   In reporting disclosure expectations bubbling up in emerging risks, it eventually gets the attention when the time is right. — Jana Utter   As we get to 2025, I'm seeing a lot of looking to the end of the decade, from a risk perspective, taking a little longer-term view than we normally do as risk professionals, coupling current and emerging and what may be new on the horizon, thinking ahead to 2030. — Jana Utter

Hear how Myrna Soto combined her great people skills with IT and business.  Welcome to On the Brink with Andi Simon, where we delve deep into the minds of industry leaders who are shaping the future. In this episode, I'm thrilled to bring a remarkable individual who has managed to shape businesses blending her people skills with her high-tech wisdom. Please allow me to introduce you to Myrna Soto. Myrna is Founder and CEO of Apogee Executive Advisors, an advisory firm providing strategic consulting the areas of Technology Risk, Cybersecurity, Technology Integrations, Digital Transformation, and Enterprise Risk Management. Are there lessons you can learn to propel your own success in IT and Business? How can women thrive in the complex world of IT and Business?  Watch our conversation here Myrna Soto is featured in our new book, Women Mean Business: Over 500 Insights from Extraordinary Leaders to Spark Your Success How to connect with Myrna You can reach Myrna on LinkedIn or through her website ForgePointCap.com. To learn more about this topic, we recommend these podcasts and blog: Eisha Tierney Armstrong—With The Rise Of AI, Professional Services Are Turning Into Products. Are You Ready?  Lorraine Hariton—How Can You Build A Better Workplace For Women? 10 Tips To Empower Women In Male-Dominated IT Industry Additional resources for you My two award-winning books: Rethink: Smashing The Myths of Women in Business and On the Brink: A Fresh Lens to Take Your Business to New Heights Our new book, Women Mean Business: Over 500 Insights from Extraordinary Leaders to Spark Your Success, co-authored by Edie Fraser, Robyn Freedman Spizman and Andi Simon, PhD Our website: Simon Associates Management Consultants WOMEN MEAN BUSINESS® is a registered trademark of the National Association of Women Business Owners® (NAWBO)

Today's episode with Dan Ramey is about how to sell to clients - specifically attorneys. In this episode, Dan and Leah discuss: Types of services that fall under forensic accountingHow to sell forensic accounting service to attorneysHow to avoid the sales-y feelingConsiderations when starting a forensic accounting practice as a solo practitioner or within a public accounting or consulting firmIn this season of the Data Sleuth Podcast, join Leah Wietholter as she discusses the business of forensic accounting with successful professionals who have done just that! As part of this series, Workman Forensics and podcast guests are providing free resources and tools to accompany each episode to help you with your practice whether you're just starting out or wanting to take it to the next level. Make sure to listen to the end of the episode to find out how to download! Lastly, during the last episode of the season, we are going to answer all of your questions - so if you have any questions about the business of forensic accounting, send them to Leah via YouTube, LinkedIn, or by emailing us at podcast@workmanforensics.com.GUEST BIODan is the Founder and President of Houston Financial Forensics, LLC, and Dan T. Ramey, CPA, LLC.  His professional certifications include CPA/CFF/CITP/ABV, CFE, CVA, CIA/CRMA, CISA/CISM, and CMA.  He is a past President of the Houston Chapter of the Institute of Internal Auditors and formerly a member of the Board of Governors.  Dan previously served as Chairman of the Houston CPA Society's Forensic and Valuation Committee and served two terms as the Treasurer of the Houston Chapter of InfraGard.  Dan is also an adjunct professor at the Hankamer School of Business at Baylor University – Accounting and Business Law Department and the C. T. Bauer School of Business – Accounting Department at the University of Houston, where he currently teaches Forensic Accounting and previously taught Enterprise Risk Management. Both courses are graduate level in the Masters of Accountancy programs.Dan graduated from Baylor University with a BBA in Accounting and from Houston Christian University with an Executive MBA. Dan was awarded the Certified Fraud Examiner of the Year award by the ACFE Houston Area Chapter in December 2019.  In 2020, Dan was awarded a Lifetime Achievement Award by the ACFE Houston Area Chapter.  In 2018, he was recognized by the ACFE at their Global Annual Conference in Las Vegas as Educator of the Year.Houston Financial Forensics, LLC is a professional services provider in the areas of fraud investigation, cyber security / cyber fraud risk assessment, forensic accounting, and litigation support.Email: dan@houstonfinancialforensics.comLinkedIn: https://www.linkedin.com/in/danramey/RESOURCES MENTIONED IN TODAY'S EPISODETo access the downloads discussed in this episode, visit: www.datasleuthpodcast.comTo learn more about the Investigation Game Education Edition, visit: workmanforensics.com/tig-educatorsOrder your copy of Leah's book, Data Sleuth: Using Data in Forensic Accounting and Fraud Investigations today on Amazon!CONNECT WITH WORKMAN FORENSICSYoutube: @WorkmanForensicsFacebook: @wforensicsTwitter: @wforensicsInstagram: @wforensicsLinkedIn: @workmanforensicsSubscribe and listen to this and more episodes of The Data Sleuth® Podcast on Apple Podcasts, Spotify, Android, or anywhere you listen.

Join us on our eighth episode with Dan Ramey, a distinguished financial fraud investigator and forensics accountant. Ramey is the Founder and President of Houston Financial Forensics, LLC, a past President of of the Houston Chapter of the Institute of Internal Auditors, and previously served as Chairman of the Houston CPA Society's Forensic and Valuation Committee. He is currently an adjunct professor at the C. T. Bauer School of Business at the University of Houston, where he teaches Forensic Accounting and Fraud Examination and Enterprise Risk Management courses. Join us as we discuss financial fraud cases Ramey has worked on, and some of the investigative services he has provided.

Andy Ellis is the CEO and Principal at Duha, Inc., a boutique advisory firm focused on providing strategic consulting in Leadership, Management, Cybersecurity, Technology Risk, and Enterprise Risk Management. In this episode KJ and Andy critique the conventional application of the growth mindset in corporate settings, discussing how real leadership is about encouraging diversity of skills and thought, acknowledging achievements, and the importance of understanding and addressing challenges realistically.    Key Takeaways: 09:04 The Art of Celebrating Success and Fostering Team Spirit 17:08 Challenging the Growth Mindset in Leadership 20:34 The Trust in Tech Leaders Over Governments 24:58 The Art of Leadership and Embracing Failure 25:29 Effective Marketing and Changing the World Step by Step 27:13 The Efficiency of Embracing 'No' in Startups   Quote of the Show (12:00): “ In an educational environment, if you tell kids that they cannot learn, you induce the closed mindset.” – Andy Ellis   Join our Anti-PR newsletter where we're keeping a watchful and clever eye on PR trends, PR fails, and interesting news in tech so you don't have to. You're welcome.   Want PR that actually matters? Get 30 minutes of expert advice in a fast-paced, zero-nonsense session from Karla Jo Helms, a veteran Crisis PR and Anti-PR Strategist who knows how to tell your story in the best possible light and get the exposure you need to disrupt your industry. Click here to book your call: https://info.jotopr.com/free-anti-pr-eval   Ways to connect with Andy Ellis: LinkedIn: https://www.linkedin.com/in/csoandy/ Company Website: https://www.duha.co/about/ Company LinkedIn: https://www.linkedin.com/company/duhainc/   How to get more Disruption/Interruption:  Amazon Music - https://music.amazon.com/podcasts/eccda84d-4d5b-4c52-ba54-7fd8af3cbe87/disruption-interruption Apple Podcast - https://podcasts.apple.com/us/podcast/disruption-interruption/id1581985755 Google Play - https://podcasts.google.com/feed/aHR0cHM6Ly93d3cub21ueWNvbnRlbnQuY29tL2QvcGxheWxpc3QvODE5NjRmY2EtYTQ5OC00NTAyLThjZjktYWI3YzAwMmRiZTM2LzNiZTZiNzJhLWEzODItNDhhNS04MDc5LWFmYTAwMTI2M2FiNi9kZDYzMGE4Mi04ZGI4LTQyMGUtOGNmYi1hZmEwMDEyNjNhZDkvcG9kY2FzdC5yc3M= Spotify - https://open.spotify.com/show/6yGSwcSp8J354awJkCmJlDSee omnystudio.com/listener for privacy information.

Cory Glenn joins us to chat about the intricacies of pilot recruitment and the significant strides made in diversity and inclusion within the aviation industry. This episode not only offers a behind-the-scenes look at the hiring process but also emphasizes the importance of core flying experience and the impact of personal growth on a pilot's career. Hit play and let your aviation dreams take flight!   WHAT YOU'LL LEARN FROM THIS EPISODE  Insights into the evolution of pilot recruitment Debunking myths and how diversity enriches the pilot community Why accurate logbook keeping is essential for pilots The indispensable value of accumulating substantial flying hours American Airlines' hiring projections and the evolving landscape of pilot recruitment   RESOURCES/LINKS MENTIONED Jobs at American Airlines NGPA Organization of Black Aerospace Professionals Professional Asian Pilots Association RTAG   Are you interested in learning about more career opportunities in aviation? Visit https://vimeo.com/event/4192783 and register to attend "Cleared for Takeoff: Career Opportunities with American Airlines" on Wednesday, April 10, 2024, at 7:00 PM MDT.   ABOUT CORY GLENN Cory is the Director of Pilot Recruiting and Development at American Airlines. He is an expert aviation consultant in the pilot supply and demand industry. He is an experienced Pilot Instructor with a demonstrated history of safety in commercial and military aviation. He has also worked in Enterprise Risk Management, Operations Management, Readiness, Operational Planning, and leading Youth Programs. He is a strong operations professional with a Bachelor of Arts (B.A.) focused in Communications from Portland State University.   CONNECT WITH CORY Website: American Airlines LinkedIn: Cory Glenn   CONNECT WITH US  Are you ready to take your relationship to the next level? Don't wait until it's too late. Use the promo code “R4P” and save 10% on all our services. Check us out at www.spitfireelite.com!   If you want to recommend someone to guest on the show, email Nik at podcast@spitfireelite.com, and if you need a professional pilot resume, go to www.spitfireelite.com/podcast/ for FREE templates!    SPONSOR Are you a pilot just coming out of the military and looking for the perfect second home for your family? Look no further! Reach out to Marty and his team by visiting www.tridenthomeloans.com to get the best VA loans available anywhere in the US. If you're a professional pilot looking for a great financial planning partner for your retirement, tax, and investment, go to www.tpope.ceterainvestors.com/contact or call 704-717-9300 ext 120 to schedule a consultation appointment with Timothy P. Pope, CFP®. Be ready for takeoff anytime with 3D-stretch, stain-repellent, and wrinkle-free aviation uniforms by Flight Uniforms. Just go to www.flightuniform.com and type the code SPITFIREPOD20 to get a special 20% discount on your first order.

Guest: Keyaan Williams, Founder and Managing Director of CLASS-LLC [@_CLASSllc]On LinkedIn | https://www.linkedin.com/in/keyaan/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Devo | https://itspm.ag/itspdvweb___________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, hosted by Sean Martin, we are joined by guest Keyaan Williams to discuss the impact of the Securities and Exchange Commission (SEC) Incident Reporting Rule on organizations and its far-reaching implications. The wide-ranging discussion covers the shift in responsibility from a single Chief Information Security Officer (CISO) to the entire organization, the necessity for companies to have situational awareness to rapidly determine the materiality of cyber security incidents, and how these rules affect the company's enterprise risk management strategy.Enterprise Risk Management (ERM) is integral to the way organizations protect themselves and manage risk. Contrary to focusing exclusively on cybersecurity and cyber-related risk, ERM takes an holistic approach and considers all risks across the company. This comprehensive approach ensures that companies make well-informed decisions about how they allocate resources, prioritize risks, and choose specific areas to mitigate. ERM also distributes the burden of risk oversight, reducing the intense pressure on CISOs or any single department and making risk management a collective responsibility. In an era of increasing regulatory oversight, such as the new rules from the SEC, ERM also aims to help companies demonstrate that they are taking all necessary precautions and addressing regulatory requirements effectively.Williams also emphasizes the need for businesses to prepare for the increasing regulatory scrutiny by maintaining a robust governance structure and adopting a team-based approach for managing cyber security risks. They predict the possibility of additional rule-making concerning cybersecurity in the future, thus viewing the current phase as the calm before the storm.Williams ends the conversation with an invitation for listeners to provide feedback, reinforcing the theme of the episode: collective engagement in cybersecurity management.Key Questions Addressed:What is the impact of the new SEC reporting rule on CISOs and their teams?How can Enterprise Risk Management contribute to overcoming cybersecurity challenges?How does the SEC reporting rule change the role of a CISO within an organization?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

In this episode, we welcome Academy Fellow Dr. Karen Hardy, an internationally-recognized Enterprise Risk Management (ERM) expert and the creator of the 'Flip this Risk' book series and podcast, to discuss her career in ERM and the importance of understanding and addressing risk in public administration.Read the 'Flip this Risk' Book Series: https://www.amazon.com/Flip-This-Risk%25C2%25AE-Book-Series-4-book-series/dp/B098ZXQ7T6 Listen to the 'Flip this Risk' Podcast: https://www.flipthisriskpodcast.com/  Support the Podcast Today at:donate@napawash.org or 202-347-3190Music Credits: Sea Breeze by Vlad Gluschenko | https://soundcloud.com/vgl9Music promoted by https://www.free-stock-music.comCreative Commons Attribution 3.0 Unported Licensehttps://creativecommons.org/licenses/by/3.0/deed.en_

In this article, we explore how CISOs can dramatically enhance their cybersecurity strategies by adopting best practices from various corporate roles, from CEOs to General Counsel to HR Directors. Discover how this collaborative approach not only fortifies security measures but also aligns them seamlessly with broader business objectives, driving organizational success in a safe and secure manner.________This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

In this episode of Theory-N2-Practice, we talk about Leadership and Enterprise Risk Management (ERM) with Mel Thomson and Marcus Haynes. Don't miss it; it was a great interview!Mel Thomson leads Enterprise Risk Management at the City of Phoenix. She focuses mostly on uninsurable risks that can impact the city's strategic plans and goals. Through consulting and facilitation, Mel works with city departments to engage with others in a formalized process to identify, assess, mitigate, and prioritize cross-cutting risks. This allows teams to manage and optimize their risks to either acceptable or unacceptable levels, while leveraging the upside of risks. She also works with leaders to craft their appetites to connect risks vertically and horizontally which produce risk-based decision making and value throughout the city.Marcus Haynes is a seasoned public safety professional with more than 17 years of dedicated service as a firefighter, paramedic, and hazardous materials technician. He is deeply committed to protecting lives, property, and fostering safe environments. Marcus is equipped with a diverse skill set that enables him to effectively respond to a wide range of emergencies, including fires, accidents, health crises, and hazardous materials incidents.In addition to his hands-on experience, Marcus has developed the ability to analyze complex organizational challenges, enhance policy options, and mitigate risks for both the department and the community at large. He holds a master's degree in global security and a bachelor's degree in emergency management, allowing him to approach crisis and disaster management from a holistic and strategic perspective. Marcus values integrity, kindness, resilience, and community and is driven by a mission to make a positive impact in the world.Daniel Scott Links:https://www.linkedin.com/in/danielscotttn2p/EM Leadership Summit:https://theoryn2practice.com/summit-sign-up Mel Thomson Links:https://www.aferm.org/melthomson/ https://www.linkedin.com/in/melissa-thomson-arm-ermcp-42881a71/ Marcus Haynes Links:https://www.linkedin.com/in/marcus-marcushaynes/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe

Guest: Lester Chng, Crisis ManagementOn LinkedIn | https://www.linkedin.com/in/lesterchng/Hosts:Jax ScottOn ITSPmagazine  

In this episode of URMIA Matters, Teresa Ransdell, URMIA's Director of Membership and Marketing, speaks to Flo Hoskinson, Risk Manager at Oregon Health and Science University, Mellany Patrong, Director of Enterprise Risk Management at Texas Southern University, and Steve Stoeger-Moore, President of Districts Mutual Insurance and Risk Management Services, about the wide array of Member Benefits that URMIA has to offer its members. They share their favorite member benefits including URMIA's Resource Guide, the Risk Inventory, Community Conversations, and the amazing connections they've made at both URMIA's Annual and Regional Conferences. Though every member may have different needs for their institution or organization, they can all agree on the wonderful sense of community and welcome that URMIA brings to its members!Connect with URMIA & URMIA with your network-Share /Tag in Social Media @urmianetwork-Not a member? Join ->www.urmia.org/join-Email | contactus@urmia.org Give URMIA Matters a boost:-Give the podcast a 5 star rating-Share the podcast - click that button!-Follow on your podcast platform - don't miss an episode!Thanks for listening to URMIA Matters!

How can we build a culture that motivates people to do the right thing? In this episode of Corruption, Crime and Compliance, Michael Volkov and guest Steve Naughton, explore crucial questions about fostering ethical cultures within companies and practical steps compliance leaders can take to transform performance. Steve shares insights from his journey, detailing the evolution of compliance leadership roles and offering a glimpse into PepsiCo's growth in this area during his tenure as Chief Compliance Officer. For those considering careers in compliance, he emphasizes that expertise in this field can be developed without a law degree. Steve Naughton currently oversees Compliance and Enterprise Risk Management programs at Loyola University Law School. He previously served as Pepsi's Chief Compliance Officer, guiding the growth of their compliance program over 8 years. He is passionate about making sure compliance functions can work independently.You'll hear Michael and Steve discuss:Steve began his career at major law firms before going in-house to manage litigation and M&A deals during pivotal moments at Quaker Oats and Snapple.PepsiCo's iconic GC Larry Thompson asked Steve to build a new compliance program starting with just 3 people. Over 8 years, Steve grew Pepsi's program from 3 to over 40 employees with global reach.Larry saw compliance as preventative and empowered Steve with independent reporting to the Board. Steve remarks, “[Larry] viewed [compliance] as much more preventative than reactionary … his take on compliance has always been, to the extent that we can prevent something or to the extent that as soon as we detect it, we'll go in and check it out instead of waiting till everything was fully investigated.”Pepsi has been on the World's Most Ethical Companies list for 15 years in a row, showcasing its success in following ethical practices.Pepsi has never faced serious enforcement actions, and this is attributed to turning ethical practices into a value-add for the business.Not every company has the resources or leadership seen at Pepsi, making it challenging to bring others along in the compliance profession.Steve emphasizes the importance of a risk-based approach in compliance and recommends developing a strategic five-year plan to address top risks progressively.He encourages companies to be disciplined and follow a plan, citing the Department of Justice's emphasis on showing work prospectively, not retroactively, to defend actions and maintain a strategic plan.Michael and Steve discuss the challenges of implementing change in compliance programs, emphasizing the importance of building a team and garnering support from other functions.They recommend a realistic 3 to 5 year timeframe for implementing changes.Cultures where people feel safe speaking up are foundational to compliance. This can aid in preventing and addressing ethical lapses and compliance challenges.Steve cites examples from Wells Fargo, Volkswagen, General Motors, and Boeing. In these organizations, where you would expect people to be skilled and ethical, employees often didn't speak up. This was because they thought their concerns wouldn't be listened to, or the culture didn't encourage open communication.Compliance is not just about following rules; it's about changing the culture in companies. We need to think differently and work towards making a culture where doing the right thing is not just accepted but encouraged. Steve runs a highly respected compliance curriculum at Loyola University which has prepared many future Chief Compliance Officers. However, compliance expertise doesn't strictly require legal training.ResourcesSteve Naughton on LinkedIn | Loyola School of Law | EmailMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Guest: Dave Mason, President, 300 Cybersecurity Inc.On LinkedIn | https://www.linkedin.com/in/dave-mason-476044a/__________________________SponsorsAre you interested in sponsoring an ITSPmagazine Channel?

Guest: Lester Godsey, CISO, Maricopa CountyOn LinkedIn | https://www.linkedin.com/in/lestergodsey/__________________________SponsorsAre you interested in sponsoring an ITSPmagazine Channel?

Guest: Lester Godsey, CISO, Maricopa CountyOn LinkedIn | https://www.linkedin.com/in/lestergodsey/__________________________SponsorsAre you interested in sponsoring an ITSPmagazine Channel?