Risk Assessment Articles


​Understanding the Risk Management Process
May 01, 2007, Mark Edmead, Institute of Internal Auditors - Identifying risks, as well as their likelihood and overall impact, can help beginner internal auditors provide recommendations that enable companies to develop an effective risk management plan.

Borrow, But Adapt
In Wikipedia, we read that a "Risk assessment consists of an objective evaluation of risk in which assumptions and uncertainties are clearly considered and presented."
The day before yesterday, in this space, I raised the possibility of using insurance as an AML risk management tool when, in fact, the insurance industry is itself a rich source of risk management literature.  

Consider also, for example, how well the NIST Computer Security Standards helps us to think about risk and risk management. As you read, just consider how those principles might be adapted to guide your own thinking.
From the military, here is an Army Risk Assessement template, and here is another.

The ISO Standard 31000:2009 spells out the various ways we may deal with risk, either by:

  1. Avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk
  2. Accepting or increasing the risk in order to pursue an opportunity
  3. Removing the risk source
  4. Changing the likelihood
  5. Changing the consequences
  6. Sharing the risk with another party or parties (including contracts and risk financing), or
  7. Retaining the risk by informed decision.

Understanding the Risk Management Process
May 01, 2007, Mark Edmead - Identifying risks, as well as their likelihood and overall impact, can help beginner internal auditors provide recommendations that enable companies to develop an effective risk management plan​.​

Appendix A - Risk Management and Fratricide Avoidance

AML Risk ...and Reward, Defining, Balancing, Growing
William Burmeister, Head of AML Risk
May 18, 2015