A Handbook of Risk Management

March 2012 Bonus Resource

I'm often contacted by risk management leaders who would like a simple handbook of risk management. They find the sheer volume of literature on Enterprise Risk Management (ERM) overwhelming. Worse, they discover more untested theories and opinions in the literature than practical guidance for implementation.

Therefore, I'm delighted to share with you my review of the book Enterprise Risk Management authored by Bevan Lloyd. This slim volume, published by the Institute of Chartered Accountants of Ireland, contains 10 chapters covering these essential topics:

  1. Introduction
  2. Enterprise Risk Management
  3. What is Risk?
  4. Required Control Infrastructure
  5. Organizational Structures of Risk Management
  6. The Risk Management Process
  7. Verifying Controls and Strategies
  8. Disaster Recovery
  9. Fraud Considerations
  10. Challenges and Barriers


The strongest features of this book are:

  • It explains the basic components of an ERM program. This book moves beyond a simple definition of risk management. It clearly defines the organizational structures and management control infrastructure required. Lloyd applies the discipline of an accounting and audit professional.
  • It provides a blueprint and guide for ERM implementation. Lloyd provides pragmatic guidance on how to weave ERM into the organization's business practices.
  • It positions ERM squarely within a corporate governance context. Although the book's main reference points are The UK Corporate Governance Code (2010) and the Turnbull Report (1999), the governance principles it embraces will be familiar to practitioners in other jurisdictions.  
  • It's full of examples and samples. The examples illustrate the concepts in the book and reflect the author's experience. Any of the ERM samples (including policies, tools, charts, and report excerpts) can be used as a risk management template that the reader can adapt for his or her organization. 
  • It's concise. The book is a quick read. It presents a single view of ERM in a brief yet thorough manner. There are other ways to approach ERM. Indeed, if you put 10 ERM practitioners from different organizations in a room, you'd have at least 10 versions of ERM! However, Lloyd provides a solid, basic approach that the reader can adapt to address the unique context and circumstances of his or her organization.

This book will be of great value to:

  • ERM leaders who are just starting out on their ERM journey. The book explains the basic ERM components and provides a blueprint and straightforward guide for implementation.
  • ERM leaders who have put in place the fundamentals of their ERM program and are now seeking to take ERM to the next level. In particular, the book offers concrete approaches for strengthening the links between ERM and the disciplines of performance management, disaster recovery and fraud risk management.
  • Board directors who seek to enhance their ERM oversight. The book provides some basic tools to support a Board in properly executing its fiduciary duties. The ERM framework described can also be used as a benchmark against which to assess what the organization is doing in ERM.

While clearly aimed at corporations, the book also has plenty of food-for-thought for ERM leaders in the government and non-profit sectors. For example, in addition to the standard list of risk categories (i.e., strategic, fraud, legal, financial integrity, operational, human resource, information, and reputation), Lloyd offers alternative schemes for categorizing enterprise risks. Examples of alternative risk dimensions include: locus of control (external, internal, or a hybrid of the two) and intentionality (unavoidable vs. avoidable).

Enterprise Risk Management is a concise and informative reference of corporate risk management guidelines that should be on the shelf of every ERM practitioner, senior executive, and board director.

For details and to order the book, click here.

Follow the links to:

  • Read this month's Feature Article, Risk Management Basics – Step 4: Close the Learning Loop to Optimize Your ERM Program's Performance.
  • Download a printable version of the entire March 2012 Issue of the Risk Management Made Simple Advisory.
  • View the Article Index to access back issues of the Risk Management Made Simple Advisory.

Current Special Offers for Subscribers

The codes to access the following special offers have been emailed to The Mobilize for Growth™ Advisory subscribers:

  • SPECIAL INTRODUCTORY OFFER:  Free registration ($145 value) for Virtual Learning Bites in April.  There is a maximum of 10 spots per course, available free of charge on a first come, first served basis (April 1 - 30, 2019).  Two risk quantification Virtual Learning Bites from NavIncerta on the Italian Flag technique and on the Range Assessment technique.  (Subscribers have been sent the instructions on how to access this offer).  Not yet a subscriber?  Don't miss out, click here to sign-up for your complimentary Advisory subscription.
  • SPECIAL OFFER: $200 off the full fee for The Mobilize for Growth™ Advisory subscribers on NavIncerta's Virtual Learning Lab on Risk Management and Quantification (April 1 - June 28, 2019).  (Subscribers have been sent the instructions on how to access this offer).  Not yet a subscriber?  Don't miss out, click here to sign-up for your complimentary Advisory subscription.

  • SPECIAL OFFER: $500 off the full fee for The Mobilize for Growth™ Advisory subscribers on Module 1 of the Masters Certificate in Risk Management and Business Performance Leadership presented by the Schulich School of Business Executive Education Centre (April 29 - May 3, 2019).  (Subscribers have been sent the instructions on how to access this offer).  Not yet a subscriber?  Don't miss out, click here to sign-up for your complimentary Advisory subscription.

Not yet a subscriber, but want to access these special offers?

When you subscribe to the Advisory, we'll send you the code for all current special offers along with a link to your New Subscriber Bonus, a copy of Moving Beyond the Risk Map to Operational Vigilance.

FIND OUT FOR YOURSELF why risk management leaders subscribe, click to access the ARTICLE INDEX of all past issues of the Risk Management Made Simple Advisory.

"I save and study each issue of the Advisory. I appreciate how Diana gives very practical advice and links it to fundamental theories and best practices." 

Sherrie Hyde, Risk Manager, Lutherwood


Read more about the Risk Management Made Simple Advisory.

"It is so refreshing to read a newsletter that offers real solutions for risk management challenges."
Cathy Taylor
Director, Risk
Kinross Gold Corporation

Diana's Pick

The Neuroscience of Enterprise Risk Management (written by Diana Del Bel Belluz of Risk Wise) explores findings from the field of neuroscience and shares practical tips on how to apply them to enhance individuals' risk management thinking and implement brain-friendly ERM practices in organizations.

The article was published by The Conference Board of Canada in the Autumn 2017 issue of the journal Risk Watch.