Mastering 21st Century Enterprise Risk Management

The Future of ERM - Book 1 - Executive's Guide


“Mastering 21st Century Enterprise Risk Management” is an Executive’s Guide for transforming ERM. This book provides executives with the foundations required to implement AI-based Risk Management. Artificial intelligence-based risk management is the Future of ERM. As such, Good Governance, Ethics, Strategic Management, and Risk-based Auditing are all necessary prerequisites for tackling the two-edged sword that is AI-based Risk Management.

Combining the best of ISO 31000 and COSO-ERM, you can transform ERM from an overhead to a value-adding driver of growth. This will deliver real bottom-line returns. The book covers how to link risk to strategy using Scenario Analysis, and how to use risk registers for risk-based decision-making. Also, by using Bayesian modelling and aggregating risks, it allows organizations to manage the uncertainty in strategic objectives, thereby fulfilling the primary directive of ISO 31000.

In the post-COVID business environment, managing uncertainty (risk) is not just a management technique. It’s a survival skill. This book presents proven strategies and practices developed while working with some of Australia’s leading organizations. These include the Australian Dept. of Defence, Victorian Infectious Diseases Labs, Serco, and Motorola.

Understanding the principles of Bayesian statistics, causal mapping, and threat management puts executives in the driver’s seat. It also sets a solid platform to manage volatility and exploit the vast potential inherent in the full range of artificial intelligence and disruptive technologies available today.

Author: Gregory M Carroll

Mastering 21st Century Enterprise Risk Management

Table of Contents

Chapter 1

Firing Failed Risk Practices

Brexit Referendum odds
  • Brexit and the failure of ERM
  • Past Failures
    • Ford Australia’s closure
    • QANTAS $3 Billion Loss in 2014
  • Why Risk Management is broken
    • Why Risk Management is Failing
    • Compliance Failures from ANZ to VW
  • Learning from the Past
    • The Risk Outlook
    • Rethinking Risk Management
    • ERM system weaknesses
  • Takeaways from Past Failures
  • Changing our view of Risk Management
  • Understanding Risk
  • Risk Management Frameworks
    • ISO 31000
    • COSO ERM
    • Which Framework to use?
  • Complexity & Uncertainty
    • Chaos Theory and causes of Risk
    • Complexity & Systemic Collapse
  • Lessons from COVID-19 pandemic

Chapter 2

Current State of Risk Management

Chaos Lorenz Diagram

Chapter 3

Firing Failed Risk Practices

Napoleon on Horse
  • Governance
    • What is corporate governance?
    • A New Approach to Governance
    • How Company Directors should manage THEIR Exposure
  • Leadership
    • Napoleon’s Lessons in Strategic Management
    • Risk Management Champion
    • Role of the modern Risk Manager
    • Millennials vs Risk Management
  • Risk Culture
    • The “Risk Culture” Myth
    • Hitler Diaries Case Study
  • Ethics and Values
    • Citibank vs Berkshire Hathaway – The Power of Ethics
    • Social Responsibility the New Black
    • Prejudice & Abuse in Youth Detention
  • Strategic Risk
    • Proactive vs Re-Active Risk Management
    • Nature of Risk
  • Context and Objectives
    • What is Context?
    • Defining Objectives
    • Managing Objectives
    • Apple vs Enron: Commercial Sustainability
  • Risk Appetite
    • Risk Appetite is Risk Tolerance
    • Risk Appetite not Anorexia
    • Integrating Risk Appetite into an Organisation
  • Strategic Thinking
    • Strategic Management
    • Game Theory
    • Strategic Decision-making
  • Organisational Resilience

Chapter 4

Strategy and Objectives

Using Capabilities as Context

Chapter 5

The Risk Process

Measuring risk probabilistically
  • Risk Identification
    • How to Identify Corporate Risks
    • The Delphi Method
    • Understanding Emerging Risks
    • The Black Swan Syndrome
    • Specifying Risks
  • Risk Analysis
    • Quantitative Risk Analysis
    • Using Scenario Analysis
    • Causal mapping
    • How to Analyse Risk
  • Risk Evaluation
    • Measuring Risk Probabilistically
    • Bayesian Modelling
    • How to calculate Risk Exposure
    • Measuring Risk – Value at Risk
  • Risk Treatment
    • Causal DMZ
    • Horizon Scanning & KRI Triggers
    • Incident Management
  • Risk Aggregation
    • Risk Network Mapping
    • Why aggregate risk
  • Risk-Based Decision-making
    • True Business Intelligence
    • Informed Decision-making
    • The Decision-making Process
  • Audit and Review
    • Attributes of a Strong Compliance Structure
    • Visibility and Accountability
    • Improving Audit Management
  • Managing Change
    • Digital Transformation
    • Improvement and Innovation
    • Misunderstanding Innovation

Chapter 6

Review and Improvement

Digital Transformation Cycle

Chapter 7

Implementation Secrets

Risk Management Maturity Model
  • Queensland Health $billion fiasco
  • Planning
    • Why use ERM software
    • Secrets to successful risk management
    • Selecting ERM software
    • How to select the right software
  • Implementation
    • Where to start Enterprise Risk Management (ERM)
    • Getting management started
    • Getting software implementation right
  • The Future of ERM
    • Where to from here
  • An Introduction to AI Based Risk Management

Chapter 8


Mastering 21st Century Enterprise Risk Management Reviews

“Must Reading!”

I'm the editor of CERM Risk Insights magazine. We've been publishing snippets of Greg's Mastering 21st Century ERM for three months. The reviews have been great. His book opens people's eyes to today's volatility and business challenges.
Greg Hutchins PE CERM.
PE CERM Quality + Engineering CERM Academy

“Comprehensive with lots of items not included in other such books”

Excellent very thorough text book on risk management 2. It is comprehensive with a lot of items not included in other such books. Good job well done. I like issues of delivering value, managing context and of risk drivers.
James Kline
Governance Risk Specialist Portland, Oregon, USA

Copyright © 2013-2021 Gregory M. Carroll