285

Notes

Chapter 1

1 Fredrick W. Taylor, Principles of Scientific Management, Harper & Brothers,1911

2 See the W. Edwards Deming Institute, http://deming.org/3 Professor Henry Mintzberg, The Fall and Rise of Strategic Planning,

Harvard Business Review, JanuaryFebruary 19944 James Creelman, The Finance Function: Achieving Performance Excellence

in a Global Economy, Business Intelligence, UK, 20095 Globalization and the Changing UN Economy by the UKs Department

for Business Enterprise and Regulatory Reform, February 20086 The 2011 Financial Times Global 500 Index, Financial Times, UK7 Peter Hemington, The New Economic World Order: A Multipolar World

Emerges, Transitions, BDO, May 20108 The Centre for Future Studies, Insights into the Post Recession Business

Environment, Transitions, BDO, February 20109 BBC News, July 31, 2009

10 Andrew Pierce, The Queen Asks Why No One Saw the Credit CrunchComing, The Telegraph, November 5, 2008, UK

11 Best Practice in Risk Management: A Function Comes of Age, EconomistIntelligence Unit, UK, 2007

12 IMF Global Financial Stability, IMF, April 200613 Climbing out of the Credit Crunch, Association of Chartered Certified

Accountants, 2008, USA14 Risk Management is Dead . . . Long Live Risk Management, the Business

Continuity Institute, UK, 200915 Ronan OSullivan and Ross McNaughton, New UK Corporate Governance

Code, Paul Hastings: Stay Current, June 2010

Chapter 2

1 Zachary A. Goldfarb and Lisa Rein, JPMorgan Chase Execs May Departas CEO Jamie Dimon Acknowledges Terrible, Egregious Mistake onTrading, The Washington Post, May 2012, USA

286 NOTES

2 Andrew Smart, At the Intersection: An Investigation into the Integrationand Alignment of the Balanced Scorecard with Operational Risk Man-agement Frameworks to Enhance Strategic Execution in the UK FinancialServices Industry. MBA Dissertation, Henley Management College, UK,2006

3 Global Risk Management Study, Accenture, 20114 Dr Robert Kaplan and Dr David Norton, Measures That Drive Perfor-

mance, Harvard Business Review, January/February 19925 See as examples, Dr Robert Kaplan and Dr David Norton, The Balanced

Scorecard: Translating Strategy into Action, Harvard Business School Press,1996 and Creating the Strategy-Focused Organization, Harvard BusinessSchool Press, 2001

6 Adrian Cadbury, Financial Aspects of Corporate Governance, 1992, seehttp://www.ecgi.org/codes/documents/cadbury.pdf

7 Attributed to Peter Drucker8 Financial Times, August 2012, quoted from Risk Culture: Under the

Microscope Guidance for Boards, Institute of Risk Management, UK, 20129 Financial Times, August 2012, quoted from Risk Culture: Under the

Microscope Guidance for Boards, Institute of Risk Management, UK, 2012

Chapter 3

1 Dr Robert Kaplan and Dr David Norton, The Balanced Scorecard: Mea-sures That Drive Performance, Harvard Business Review, January/February1992

2 See as examples, Dr Robert Kaplan and Dr David Norton, The BalancedScorecard: Translating Strategy into Action, Harvard Business School Press,1996 and Creating the Strategy-Focused Organization, Harvard BusinessSchool Press, 2001

3 Dr Robert Kaplan and Dr David Norton (op. cit.)4 Research by Fortune Magazine, Quoted in Dr Robert Kaplan and Dr David

Norton, Measures That Drive Performance, Harvard Business Review,January/February 1992

5 Dr Robert Kaplan and Dr David Norton, Creating the Strategy-FocusedOrganization, Harvard Business School Press, 2001

6 Dr Robert Kaplan and Dr David Norton, The Execution Premium: LinkingStrategy to Operations for Competitive Advantage, Harvard Business SchoolPress, 2009

7 Darrell Rigby and Barbara Bilodea, Management Tools & Trends, Bain &Company, 2011

8 Aaron Crabtree and Gerald DeBusk, The Effects of Adopting the Bal-anced Scorecard on Shareholder Returns Advances in Accounting, USA, June2008

NOTES 287

9 See, as examples, Bernard Marr and James Creelman, More with Less:Maximizing Value in the Public Sector, Palgrave Macmillan, 2011. NareshMakhijani and James Creelman, Creating a Balanced Scorecard for aFinancial Services Organization, John Wiley & Sons, Asia, 2011

10 Professor Robert Kaplan, blog entry, December 200811 The SarbanesOxley Act, 2002, see www.soxlaw.com/12 Enterprise Risk Management: Integrated Framework, The Committee of

Sponsoring Organizations of the Treadway Commission, 200413 Standards Australia and Standards New Zealand, and New Zealand Stan-

dards of Risk Management: AS/NZ 4360:2004, Risk Management,Australia, 2004

14 The Orange Book: Management of Risks Principles and Concepts, HerMajestys Treasury, UK, 2004

15 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-tional Organization for Standardization, 2009

16 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-tional Organization for Standardization, 2009

17 Andrew Smart, At the Intersection: An Investigation into the Integrationand Alignment of the Balanced Scorecard with Operational Risk Man-agement Frameworks to Enhance Strategic Execution in the UK FinancialServices Industry. MBA Dissertation, Henley Management College, UK,2006

18 Professor Kaplan first shared his developing ideas in a series of articles thatappeared in the Balanced Scorecard Report, most notably in 2009

19 In Kaplan and Nortons January 2012 article The Future of the BalancedScorecard, published in the US CGMA Magazine

20 In the June 2012 edition of the Harvard Business Review Kaplan, alongwith Harvard Business School Assistant Professor Annette Mikes, publishedthe article Managing Risks: A New Framework

21 Nelson D. Schwarz and Jessica Silver-Greenberg, JPMorgan Was WarnedAbout Lax Risk Controls, New York Times, June 3, 2012

Chapter 4

1 See Sun Tzu, The Art of War, Special Edition, translated and annotated byLionel Giles, El Paso Norte Press, 2005

2 Quoted from Lizwe Nikala, Long Range Strategic Thinking Ability, WhyCEOs Must Have It, Entrepreneur Magazine, February 2, 2012, SouthAfrica

3 Dr Robert Kaplan and Dr David Norton, The Balanced Scorecard: Trans-lating Strategy into Action, Harvard Business School Press, 1996

4 Michael Porter, What Is Strategy? Harvard Business Review, 20065 Michael Treacy and Fred Wiersema, Customer Intimacy and Other Value

Disciplines, Harvard Business Review, 1993

288 NOTES

6 W. Chan Kin and Renee Mauborgne, Blue Ocean Strategy: How to CreateUncontested Market Space and Make the Competition Irrelevant, HarvardBusiness School Press, 2005

7 Ukerto Moti, Aligning Human Capital to Execute CorporateStrategy for Public Sector Growth and Service Excellence, see http://www.academia.edu/283841/Aligning_Human_Capital_to_Execute_Corporate_Strategy_for_Public_Sector_Growth_and_Service_Delivery

8 Working paper on Risk Culture: Guidance from the Institute of RiskManagement, Institute of Risk Management, UK, June 2012

9 Dr Larry Rittenberg and Frank Martens (op. cit.)10 See http://www.reputationinstitute.com/thought-leadership/global-

reptrak11 Dr Larry Rittenberg and Frank Martens, Understanding and Communi-

cating Risk Appetite, the Committee of Sponsoring Organizations of theTreadway Commission, January 2012

12 The Failure of the Royal Bank of Scotland, Financial Services Authority,UK, December 2011

13 Dr Larry Rittenberg and Frank Martens (op. cit.)14 Enterprise Risk Management: Integrated Framework, the Committee of

Sponsoring Organizations of the Treadway Commission, 200415 Dr Larry Rittenberg and Frank Martens (op. cit.)16 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-

tional Organization for Standardization, 200917 ISO31000:2009 Risk Management Principles and Guidelines, The Interna-

tional Organization for Standardization, 200918 The British Standards institution, BS31100:200819 Dr Larry Rittenberg and Frank Martens (op. cit.)20 Dr Larry Rittenberg and Frank Martens (op. cit.)21 A. Osterwalder, Yves Pigneur, Alan Smith, and 470 practitioners from 45

countries, Business Model Generation, Business Model Foundry, 201022 Dr Larry Rittenberg and Frank Martens (op. cit.)23 Research into the Definition and Application of the Concept of Risk

Appetite, Marsh and the University of Nottingham, UK, October 2009

Chapter 5

1 Martha Lagace, The Office of Strategy Management, Q&A with ProfessorRobert Kaplan, Harvard Business School, Working Knowledge, Arch 27th2006, Harvard Business School Press, USA

2 Attributed to Professor Albert Einstein3 Attributed to Peter Drucker4 Attributed to Peter Drucker5 See James Creelman, Building a Strategic Balanced Scorecard, Business

Intelligence, UK, 2003

NOTES 289

6 Strategic Performance Management in Government and Public SectorOrganizations, Advanced Performance Institute, UK, 2008

7 Bernard Marr and James Creelman, More with Less, 2011 PerformanceChallenges for the UK Public Sector, Advanced Performance Institute, UK,2011

8 James Creelman and Jonathan Chocqueel-Mangan, Reinventing Budgetingand Planning for the Adaptive Organization, Business Intelligence, UK,2006

9 James Creelman and Jonathan Chocqueel-Mangan (op. cit.)10 Dr Robert Kaplan and Dr David Norton, The Balanced Scorecard: Measures

That Drive Performance, Harvard Business School Press, 1996

Chapter 6

1 see www.shiftinpartners.com2 James Creelman, Building a Strategic Balanced Scorecard, Business Intelli-

gence, UK, 20033 Fra Lucs Bartolomeo de Pacioli, Summa de Arithmetica, Geometrica,

Poroportioni et Proportionaltie, 1494, Italy. Version: Universidad Auto-noma de Nuevo Leon, 1991

4 See http://www.thehackettgroup.com/

Chapter 7

1 Quoted from ERM History, Druml Group: see http://www.druml.com/management-advisory/enterprise-risk-management/erm-history/

2 Basel II The second of the Basel Accords, Basel Committee on BankingSupervision, 2004

3 See http://www.isixsigma.com/tools-templates/cause-effect/determine-root-cause-5-whys/

4 See http://en.wikipedia.org/wiki/Ishikawa_diagram5 Enterprise Risk Management: Integrated Framework, the Committee of

Sponsoring Organizations of the Treadway Commission, 20046 Strengthening Enterprise Risk Management for Competitive Advantage,

The Committee of Sponsoring Organizations of the Treadway Commis-sion, 2009

7 Risk Management: Principles and Guidelines, ISO31000-2006, ISO 20098 Risk Management: Principles and Guidelines, ISO31000-2006 (op. cit.)9 Oxford Dictionary, see http://oxforddictionaries.com/

10 Strengthening Enterprise Risk Management for Competitive Advantage(op. cit.)

11 Dr Larry Rittenberg and Frank Martens, Understanding and Communi-cating Risk Appetite, the Committee of Sponsoring Organizations of theTreadway Commission, January 2012

290 NOTES

12 Internal Control Integrated Framework, the Committee of SponsoringOrganizations of the Treadway Commission

Chapter 9

1 Adrian Cadbury, Financial Aspects of Corporate Governance, 1992, seehttp://www.ecgi.org/codes/documents/cadbury.pdf

2 The Greenbury Report on Directors Remuneration, Confederation ofBusiness and Industry, UK, 1995

3 Nigel Turnbull, Internal Control: Guidance for Directors on the Com-bined Code, London Stock Exchange for listed companies, 1999 (revisedguide published in 2005)

4 Climbing out of the Credit Crunch, Association of Chartered CertifiedAccountants, 2008, USA

5 The Corporate Governance Lessons from the Financial Crisis by GrantKirkpatrick

6 The Failure of the Royal Bank of Scotland, Financial Services Authority,UK, December 2011

7 Senior Supervisors Group Risk Management Lessons from the Global BankingCrisis of 2008

8 Ernst & Youngs 2010 report Making Strides in Financial Services RiskManagement

9 The UK Corporate Governance Code, 2010, Financial Reporting Council,UK, 2010

10 The King Committee on Corporate Governance: The King Report onCorporate Governance I, The Institute of Directors, South Africa, 1994

11 The King Committee on Corporate Governance: The King Report onCorporate Governance II, The Institute of Directors, South Africa, 2002

12 The King Committee on Corporate Governance: The King Report onCorporate Governance III, The Institute of Directors, South Africa,1994

13 Corporate Governance Principles and Recommendations, The ASX Corpo-rate Governance Council, Australia, March 2003

14 OECD Principles of Corporate Governance, Organisation for EconomicCo-Operation and Development, 2004

15 The SarbanesOxley Act, 200216 OECD Principles of Corporate Governance (op. cit.)17 Dr Roger Barker, Responding to the Crisis, The Corporate Governance

Perspective, Institute of Directors, UK, September 200918 Research into the Definition and Application of the Concept of Risk

Appetite, Marsh and the University of Nottingham, UK, October 200919 National Association of Corporate Directors Blue Ribbon Commission

report, Risk Governance: Balancing Risk and Rewards

NOTES 291

Chapter 10

1 Financial Times, August 2012, quoted from Risk Culture: Under theMicroscope Guidance for Boards, Institute of Risk Management, UK, 2012

2 Attributed to Peter Drucker3 Andrew Smart, At the Intersection: An Investigation into the Integration

and Alignment of the Balanced Scorecard with Operational Risk Man-agement Frameworks to Enhance Strategic Execution in the UK FinancialServices Industry. MBA Dissertation, Henley Management College, UK,2006

4 Ernst & Youngs 2011 research paper Making Strides in Financial ServicesRisk Management

5 Citigroups Chief Executive, Charles O. Prince said in July 2007, As longas the music is playing, youve got to get up and dance. Were still dancing.

6 Risk Management in a Time of Global Uncertainty, Harvard BusinessReview Analytic Services, Harvard Business School Publishing, USA, 2011

7 Risk Culture: Under the Microscope Guidance for Boards, The Institute ofRisk Management, 2013

8 Understanding and Articulating Risk Appetite, KPMG, 20099 Understanding and Articulating Risk Appetite (op. cit.)

10 Lord David Walker, A Review of Corporate Governance in UK Banks andOther Financial Industry Entities, HM Treasury, UK, 2009

11 Making Strides in Financial Services Risk Management, Ernst & Young,2011

12 Making Strides in Financial Services Risk Management (op. cit.)13 Research into the Definition and Application of the Concept of Risk

Appetite, Marsh and the University of Nottingham, UK, October 200914 Understanding and Articulating Risk Appetite (op. cit.)15 Risk Management: Principles and Guidelines, ISO31000-2006, ISO 200916 See www.senndelaney.com

Chapter 11

1 The Gartner Group, 2011, see http://thisiswhatgoodlookslike.com/2012/06/10/gartner-survey-shows-why-projects-fail/

2 Quoted from Robert Miller, Only a Matter of Time Before the SpreadsheetsHit the Fan, Daily Telegraph, UK, June 30, 2005

3 See, for example, The Use of Spreadsheets: Considerations for Section4 404of the SarbanesOxley Act, PricewaterhouseCoopers, July 2004

4 John Carney, Barclays Spreadsheet Error Results in Lehman Chaos, BusinessInsider, October 16, 2008

5 Grenville J. Croll, Spreadsheets and the Financial Collapse, European Spread-sheet Risks Interest Group, 2009

292 NOTES

Chapter 12

1 Enterprise Risk Management: Integrated Framework, the Committee ofSponsoring Organizations of the Treadway Commission, 2004

2 Capability Model Maturity Model, Carnegie Mellon University SoftwareEngineering Institute, USA

3 Jim Collins and Jerry Porras, Built to Last: Successful Habits of VisionaryCompanies, HarperCollins Publishers, 2002

4 Jim Collins and Jerry Porras, Good to Great: Why Some Companies Make theLeap . . . and Others Dont, HarperCollins Publishers, 2001

5 A. Osterwalder, Yves Pigneur, Alan Smith, and 470 practitioners from 45countries, Business Model Generation, Business Model Foundry, 2010

293

Index

Note: The letters f , n and t following locators refer to figures, notesand tables.

ABN AMRO acquisition, 956ACCA, see Association of Chartered

Certified Accountantsadvanced measure approach, 169Advanced Performance Institute, 122Advances in Accounting, 69Aerospace supplier, 18990aggregated objective score, 148aligning risk-taking, 21314alignment, benefits of, 1656AMA, see advanced measure

approachAmerican Accounting Association, 71API, see Advanced Performance

Instituteappetite alignment matrix, 38f, 47,

117, 138, 192, 2039, 21213,240, 255, 258, 276collective gut feel, 208competitive advantage, 208cost of controls, 209exposure alignment matrix, 206fexposure zones, 206optimal zone, 2067over-exposed zone, 207RBPM approach, use of, 208under-exposed zone, 2078

appetite alignment process, 20913appetite alignment matrix, 21213business drivers, 210business performance, 211key risks, 212misalignments, 213

monitoring, 213review, 213risk appetite, 211risk assessment, 212steps, 20910strategic objectives, 210

appetite and managing performance,202

appetite and managing risk, 203appetite and set strategy, 202appetite, strategic importance,

94100Arab Spring, 2The Art of War, 867Ashghal, 5661

corporate strategy map, 57f, 139initiative sheet used by, 60fthree themes of outsourcing and

delivery, 61Association of Accountants and

Financial Professionals in Business,71

Association of Chartered CertifiedAccountants, 19, 21617

ASX Corporate Governance Council,2212

Australia, risk management process,746

bailout, European Union, 17balanced performance measurement,

62

294 INDEX

balanced scorecard, 33, 5470Christchurch City, 153components, 54enduring popularity of the

Balanced Scorecard, 689execution premium, 658;

alienation of organization, 67;monitor and learn, 678; planthe strategy, 667; strategy,656; test and strategyadaptation, 68

financial benefits, 69financial impact of, 69tfirst generation, 623Hall of Fame, 124perspectives of, 49, 130schematic, 35f, 62fscorecard, 612second generation, 623shortcomings of scorecard usage,

6970strategy-focused organization,

635; alienation of theorganization, 64; continualprocess, 65; everyoneseveryday job, 645; executionpremium model, 66f; executiveleadership, 65; operationalterms, 634

strategy map, 5561weaknesses in, 81

Barker, Roger, 290n17Basel Accords, 289BAU, 2779BCI, see Business Continuity

Institutebest-practice approach, 142Best Practice in Risk Management,

1819BHAGs (Big Hairy Audacious

Goals), 272Bilodea, Barbara, 286n7blue ocean, 90brainstorming, 110

business as usual, 1578, 257, 259,2779, 284

Business Continuity Institute, 20business enterprise and regulatory

reform, 12business model canvas, 10910

Cadbury, Adrian, 286n6, 290n1Cadbury Committee, 2201Capability Model Maturity Model,

269, 292n2capital allocation, 73, 220career development, 10Carnegie Mellon University Software

Engineering Institute, 269Carney, John, 291n4causality, granular understanding,

131cause-and-effect relationship, 33, 63,

171, 203CGMA Magazine, 81Chan Kin, W., 90, 288n6Creelman, James, 285n4, 287n9,

288n5, 289n7, 289n8, 289n9child-initiative, 158China

foreign exchange reserves, 13global GDP share, 14tmarket capitalization, 13nominal GDP, 13

China Construction Group, 13Chocqueel-Mangan, Jonathan,

289n8, 289n9City of Christchurch, 1534

strategy map, 154fC-level risk executive, 29Climbing Out of the Credit Crunch, 19Collins, Jim, 272, 292n3, 292n4Committee of Sponsoring

Organizations of the TreadwayCommission, see COSO

Communication, 2428clarity, 2435concision, 247

INDEX 295

Communication continuedconsistency, 248and consultation, 2456context, 247credibility, 2467effectiveness, 24785 Cs of communication, 2428importance, 244internal and external, 2446ISO3100, 2446key lessons, 2445RBPM framework, 232RBPM implementation, 247strategic objectives, 243

CompaSS, 147control assessment data, 198control map, 1957, 277control scorecard, 46, 127, 129f,

1989, 203, 258corporate performance management,

27corporate scandals, 10, 70corporate strategy, 21, 43, 91, 225corporate strategy map, 579, 110COSO framework, 54, 71, 74, 78,

173risk appetite managing, 99;

communicate, 99; develop riskappetite, 99; monitor andupdate, 99

risk management frameworks,714

CPM, see corporate performancemanagement

Crabtree, Aaron, 69, 286n8credit crunch, 12, 1418, 234, 26,

30, 39, 412, 47, 53, 6971,801, 83, 945, 100, 108, 136,158, 174, 210, 21516, 21819,225, 2301, 234, 240, 244, 266causes of, 15, 17, 1920, 216consequence, 18cultural reason, 231governance, and, 21519

IMF estimation, 17JP Morgan Chases success, 83leading areas, 21617lessons from, 20, 245reason for, 21risk-taking drivers, 240Royal Bank of Scotland, 94

credit enhanced training, 219criminal-related incidents, 156critical capabilities, 30critical success factors, 231CRM, see customer relationship

managementCroll, Grenville J., 261, 291n5CSF, see critical success factorsCtW Investment Group, 83culture

accountability, 239characteristic, 237clear set of values, 235compelling vision, 2345conversations, 240definition, 2378discipline, 76financial services research, 2334incentives, 2402leadership with integrity, 2368strategy-focused, 23442

customer experience, 146customer relationship management,

128, 145, 157, 193

dashboards, role of, 25862DeBusk, Gerald, 69, 286n8Delaney Leadership Consulting, 246Dell, 89Deming, W. Edwards, 7, 285n2denial, psychology of, 1718derivative trading, irresponsible, 24digital technology development, 2double-entry bookkeeping, 149

eBay, 90economic crisis, 23

296 INDEX

Economist Intelligence Unit, 18, 100EFQM, see European Foundation for

Quality ManagementEnron Corporation, accounting

irregularities, 701enterprise risk management (ERM),

10, 723, 101, 112, 119, 1734,236see also risk management

Ernst & Youngs, 219, 234, 290n8,291n4, 291n11

European Foundation for QualityManagement, 89, 159excellence model, 9f, 156

Eurozone, 2, 206execution premium, 658

align the organization withstrategy, 67

develop the strategy, 656monitor and learn, 678plan the strategy, 667test and adapt the strategy, 68

exposure alignment matrix, 206fExxonMobil, 13

Facebook, 2The Failure of the Royal Bank of

Scotland, 958, 21718FDI, see foreign direct investmentfeedback

and communicationin context of RBPMloop, 132, 171stakeholder, 77

The Finance Function AchievingGlobal Excellence in a GlobalEconomy, 11

Financial Reporting Council, 21Financial Services Authority, 20, 48,

956, 98, 21718, 240, 259Financial Times Global 500 Index,

13first generation balanced scorecard,

623

foreign direct investment, 12foreign-exchange risk, 19four perspective risk map, 36f, 47,

1856, 2035, 255, 258FRC, see Financial Reporting CouncilFSA, see Financial Services Authority

Garter research, 265GBM, see global banking and

marketsGECs, see General Engineering

CompaniesGeneral Electric, 13General Engineering Companies,

57global banking and markets, 97globalization, 1114Globalization and the Changing UN

Economy, 12Goldfarb, Zachary A., 285n1Google, 88governance

apply approach, 223ASX Corporate Governance

Council, 2212board responsibilities, 2256boundaries setting, 224comply approach, 223and credit crunch, 21519data governance, 223decision making, 2245definition, 2203disclosure and transparency, 225IT Governance, 223King Report, 221OECD Principles of Corporate

Governance, 2223poor risk oversight, 21819, 218post-credit crunch, 21920, 219principles of, 2223project governance, 223RACI model, 2269RBPM framework, 216frisk management, and, 2256

INDEX 297

Royal Bank of Scotland, 21718UK Corporate Governance Code,

2201great depression, 17Greece, European Union bailout, 17

Hackett Group, 12, 156hard disciplines, 202, 215, 262, 280Hedges, Bob, 1689Hemington, Peter, 285n7high-performance culture, 146, 149HML, 4752

conceptual strategy map, 50foperational risk, 139scorecard indicators, 51f

IMF, 17, 19impact and likelihood (or

probability) matrix, 182India

global GDP share, 14tannual GDP, 13manufacturing exports, 13

indicators, 27, 31, 35, 489, 51, 82,11516, 12035, 145, 150, 153,1878, 192, 239, 256, 263, 277,280behaviour and, 133control scorecard, 129fdashboards, 277HML, 130integrated set of, 1246KCIs, 127KPIs, 126KRIs, 1267leading and lagging, 1303performance conversation, and,

1234performance scorecard, 128frisk scorecard, 128fscorecards, 12730working, 130

industrial-age thinking, 10Industrial and Commercial Bank of

China, 13

industrial revolution, 56initiative alignment matrix, 1636,

163f, 278f, 279initiative selection templates, 1603

Ashghal case, 1603Palladium, 160

Insights into the Post RecessionBusiness Environment, 14

Institute of Risk Management, 91,2378

integrated approach, 313appetite, 32business drivers, 31

integrating strategy, 21, 25, 247integration models, 803

JP Morgan Chase, 823Kaplan and Norton approach,

812Manigents financial services, 80Volkswagen Do Brazil, 823

International Organization forStandardization, 76

Ireland, European Union bailout, 17IRM, see Institute of Risk

Managementiron-making techniques, 6

see also industrial revolutionISO, see International Organization

for StandardizationISO31000, 45, 54, 58, 7681,

103, 1756, 244, 246,287n15balanced Scorecard, 79principles and guidelines, 789recommendations, 76risk management principles,

778see also risk management

JP Morgan Chase, 24, 42, 823,232, 285n1, 287n21

Juran trilogy, 7see also total quality management

298 INDEX

Kaplan, Robert, 33, 54, 87, 120,286n1, 286n2, 286n3, 286n4,286n5, 286n6, 287n10, 287n3,288n1, 289n10

Kaplan approach, integration models,812

KCIs, see key control indicatorskey control indicators, 356, 120,

122, 1249, 132, 149, 152, 167,197200, 256, 263

key controls, 1935categories, 194effectiveness, 197control activities, 194control environment, 194information and communication,

195internal control, 1935monitoring, 195objectives, 194risk assessment, 194

key dashboards and management,457

key indicators, see indicatorskey performance indicators, 336,

51, 57, 59, 61, 84, 12058,1878, 204, 263actionable, 1534candidate identification, 158cause and effect, 150describing a strategic initiative,

1578existing initiatives, 159financial, 14850high-performance cultures, 149initiative selection templates,

1603; Ashghal case, 1603;Palladium, 160

non-financial, 14850ownership, 1523preferred initiatives, 159prioritizing initiatives, 158resource allocation, 160strategic initiatives, 1578

strategic versus operational,1502; common definitions,151; do not repackage, 151;driving the right behaviours,1512

target selection, 1547;achievable, 155; benchmarking,1556; relative performance,1556; trending, 1567

key risk indicators, 356, 51, 81,104, 111, 120, 122, 1248,1312, 149, 152, 167, 172, 181,1878, 190, 192, 200, 240, 256,263development of, 187function of, 188key employee retention rate, 188overview of, 1878

key risks, 11214, 17782execution risk, 178financial risk, 179operational risk, 1789strategic risk, 178techniques, 113

key terms understanding, 1448differentiating key indicators, 145differentiating objectives, 145excellent management of

knowledge, 147initiatives, 145objective accountability, 1478objective description, 146objective desired state, 1467

King Report, 221Kirkpatrick, Grant, 217knowledge age, 78, 11KPIs, see key performance indicatorsKRIs, see key risk indicators

Lagace, Martha, 288n1leading indicator, 82, 1312likelihood rating, 1834LinkedIn, 11, 85, 150Lizwe, Nikala, 287n2

INDEX 299

London School of Economics, 17loss management, 16972

authorizations, 172birth of, 1736business impact assessment, 171corrective actions, 171estimation, 170information analysis, 172investigation, 170loss event capture, 170reporting, 172root cause analysis, 171

LSE, see London School ofEconomics

Makhijani, Naresh, 287n9Making Strides in Financial Services

Risk Management, 219, 234,2412

Malcolm Baldrige criteria, 154, 156Malcolm Baldrige national quality

framework, 9fManagement Tools & Trends 2011, 68managing performance, 337managing risk, 378Manigent, 1634, 204, 255, 257

see also appetite alignment matrixManigent Financial Services, 80, 27tMarr, Bernard, 287n9, 289n7Martens, Frank, 99, 288n9, 288n11,

288n13, 288n15, 288n19,288n20, 288n222, 289n11

maturity model, 2812Mauborgne, Renee, 90, 288n6MCI Corporation, 71McKinsey & Co, 13McNaughton, Ross, 285n15Mehr, Robert, 1689Microsoft, 13Middle East, protests and rebellions

across, 2Miller, Robert, 291n2Mintzberg, Henry, 10, 285n3money-losing mortgage, 83

mortgage-backed securities industry,16see also sub-prime lending

Moti, Ukerto, 90, 288n7Motorola, 878Motorola Mobility, 88Motorola Solutions, 88

NAICOM, see Nigerias NationalInsurance Commission

NatWest Bank, 94see also Royal Bank of Scotland

The New Economic World Order, 13New Zealand, risk management

process, 746Nigerias National Insurance

Commission, 179Norton, David, 33, 54, 87, 286n4,

286n5, 286n1, 286n2, 286n3,286n4, 286n5, 286n6, 287n3,289n10

Norton approach, integrationmodels, 812

OECD, see Organization forEconomic Cooperation andDevelopment

operational losses or loss events, 169operational risk maturity model, 48

see also HMLoptimal (aligned) zone, 206Orange Book, 756, 102forganizational risk management, 27Organization for Economic

Cooperation and Development,222

ORM, see organizational riskmanagement

ORMM, see operational risk maturitymodel

Osterwalder, A., 109, 288n21,292n5

OSullivan, Ronan, 285n15over-exposed zone, 206

300 INDEX

Payment Protection Insurance, 133performance

balanced scorecard, 13940objective-setting workshop, 144-sapping problems, 122strategic objectives, 1389sub-components, 1378

performance gaps, identification of,36

performance scorecard, 46, 127,128f, 148, 149f, 203, 280

PESTEL analysis, 33, 1067, 273elements of, 107f

Petrobras, 13PetroChina, 13Pierce, Andrew, 285n10Pigneur, Yves, 288n21, 292n5Plan operations, 67PMCs, see Program Management

CompaniesPorras, Jerry, 272, 292n3, 292n4Porter, Michael, 88, 287n4Portugal, European Union

bailout, 17PPI, see Payment Protection

InsurancePricewaterhouseCoopers, 72Prince, Charles O., 236, 291n5Principles of Scientific Management,

67process alignment matrix, 165f, 278f,

279usage, 1656

profound knowledge, 8Program Management Companies, 57

RACI model, 5, 215, 2269, 230,239, 257, 281accountable, 227benefits of, 2289consult, 227inform, 227responsible, 227steps, 2278

RAGAR colour coding, 1346conventional approach, 134performance-only approach, 135ranges, 134scoring challenges management,

136scoring range, 134usage of a, 153

Ranford, Mark, 58, 235RBPM approach implementation,

2684align, 277analyse, 26970articulate the chosen business

model, 273communication importance,

2823continuously refine the

framework, 280culture management, 2812embed, 27984iterations series, 276left circle, 40fmobilize, 2726operationalize, 277plan, 2702RACI model, 281risk appetite, 2756risk map, 274soft disciplines, 2801strategic approach, 272strategy map, 273technology, role, 2834

RBPM definition, 1959Control Map, 1957Controls Scorecard, 1989KCIs, 1978

RBPM framework, 3f, 45, 22, 25f,302, 39, 41, 445, 48, 53, 54f,70, 83, 86f, 100, 1234, 138,164, 166, 168, 171, 185, 2002,213, 216, 218, 227, 230, 232,2503, 256, 2589, 264, 267,2701, 280, 2823

INDEX 301

aligning risk-taking, 4governance, 216fleft circle, 4f, 32right circle, 5f, 41frisk appetite, 25sequencing, 4softer disciplines, 4

RBPM maturity model, 282fRBS, see Royal Bank of Scotlandrecession, 2, 14, 17, 107red ocean, 90Rein, Lisa, 285Rigby, Darrell, 286n7risk and business strategy, 201risk and control scorecards, 47, 258risk appetite, 22, 33, 93, 99100,

103, 111, 11314, 116, 119, 191,205, 238aligning, 114and risk profiles, 20articulation of, 238, 242business model canvas, 10910business models, 1089cascading, 118COSOs definition, 101COSO view of managing, 99critical role of, 119definition, 1001, 11416,

1901, 238, 242; OrangeBook, 1023; RBPM, 103; riskmanagement code, 103

key business drivers identification,105

key drivers, 1057key risks, definitions and

assessment, 11214measurement, 11618multidimensional construction,

113fPESTEL analysis, 106purposes of, 119RBSs failure, 948risk levels defining, 110risk tolerance, and, 1034

statement, 10416strategic objectives, 11012strategy, and, 948summarized statement, 116fsummary benefits, 11718SWOT analysis, 106tracking, 108

risk assessment, 59, 79, 1827four perspective risk map, 1857

Risk Bow-tie, 17981risk categories, 184trisk event card, 82Risk Heat Map, 59, 182, 183f, 185risk identification template, 1812risk likelihood rating, 184trisk management

aligning risk appetite and strategy,723

Australian standards, 746categories of risk, 178fcorporate failures, 701COSO, 714cross-enterprise risks, 73definition, 73, 1757discipline and function, 16873emergence of, 167enhancing risk response decisions,

73failure of, 5, 1820, 100, 174first appearance, 10governance, and, 2256identification of key risks, 17782;

execution risk, 178; financialrisk, 179; operational risk,1789; strategic risk, 178

improving deployment of capital,73

ISO31000, 7680NAICOM categories of risk, 179fNew Zealand Standards, 746Orange Book, 756reducing operational surprises and

losses, 73Risk Bow-tie, 17981

302 INDEX

risk management continuedrisk identification template,

1812SarbanesOxley, 71scandals, 701seizing opportunities, 73steps, 168systematic analysis and

conversation, 172uncertainty element of, 1789

Risk Management MaturityDashboards, 48

Risk Map, 45, 59, 136, 183, 185,187, 196, 229, 2745, 277, 280example, 275f

Risk Master, emergence of, 2630C-level risk executive, 29continuous improvement, 29decision-making processes, 28integrate risk management

capabilities, 28measurement sophistication, 28risk awareness, 29shareholder value, 28

risk mitigation plan, 48level of urgency, 182

risk scorecard, 46, 127, 128f, 1923,203, 258, 280accountable person, 192appetite alignment status, 192design, 192organization key risks, 192risk assessment data, 192

risk-taking aligning, 3844,2034appetite alignment matrix, 204communication, 44culture, 423four perspective risk map, 203governance, 3942right circle, 3944shareholder value, 44strategy map, 203

risk tolerance, 1034, 111, 127,18892Aerospace supplier, 18990compliance tolerances, 190definitions of, 1901operations tolerances, 190reporting tolerances, 190water company, 1912

Rittenberg, Larry, 99, 288n9,288n11, 288n13, 288n15,288n19, 288n20, 288n22,289n11

RMP, see risk mitigation planRoyal Bank of Scotland, 16, 21, 84,

94, 171, 266boards role in strategy, 967cause of failure, 956credit crunch, 948failure of, FSA report, 958,

21718internal audit report, 97

Saatchi and Saatchi Worldwide, 147see also CompaSS

salary, betterment of, 10SarbanesOxley act, 71, 223,

287n11, 290n15, 291n3Schwarz, Nelson D., 287n21scoring methodology, 134

see also RAGAR colour codingSEI, see Carnegie Mellon University

Software Engineering Instituteseven RBPM disciplines, 457SharePoint, 51, 252shifting paradigms, 23silo-working, 7Silver-Greenberg, Jessica, 287n21six sigma, 67, 878Smart, Andrew, 26, 80, 233, 286n2,

287n17, 291n3Smith, Alan, 288n21, 292n5social media, influence of, 2soft disciplines, 4, 202, 215, 248,

2623, 2801

INDEX 303

spreadsheets, shortcomings of using,25962archiving, 261assumptions, 262cottage industries, 260enterprise interoperability, 262fraud, 261front-line concern, 260high risk, 260interpretation, 261lack of collaboration capabilities,

261lack of well-constructed built-in

approach, 261multiple versions of the truth, 260opacity, 262overconfidence, 261reification, 262

StatexPoint solution, 51Statoil, 123strategic performance management,

289n6strategic planning, 10, 278, 63,

689, 77, 154Strategy and Risk Studio, 2524, 256strategy

blue ocean strategy, 90for commercial and non-profit

organizations, 901corporate strategy, 91definition of, 914Michael Porters definition, 88operational focus, 878risk, 91risk appetite and, 948set, 323setting, 923strategic importance of appetite,

94100Sun Tzu, 867three value-disciplines, 8990;

customer intimacy, 8990;operational excellence, 89;product leadership, 90

strategy-focused organization, 635align the organization, 64execution premium model, steps

of, 66fmake a continual process, 65make strategy everyones everyday

job, 645mobilize change through

executive leadership, 65principles of, 64ftranslate the strategy into

operational terms, 634strategy management theory, 140strategy map, 33, 34f, 478, 5561,

143Christchurch City, 154femergence of, 63example, 140f, 141f, 274finternal process perspective, 111objective on, 139perspective of, 146Saatchi and Saatchi, 142fand scorecard, 34

StratexLive, 2523StratexPoint, 2523, 2567, 259,

283implementation of, 259

StratexSystems, 48, 2523, 2578see also HML

Strengthening Enterprise RiskManagement for CompetitiveAdvantage, 174

sub-prime lending, 1517, 174Sun Tzu, 867, 287n1supporting customer objectives, 139supporting performance, 47SWOT analysis, 33, 106f, 273

tail-risk meetings, 39Taylor, Fredrick W., 6, 285n1Taylorism, 6, 10

impact of, 6technology and culture, 257

304 INDEX

technology, role ofappetite alignment matrix, 255control self-assessment processes,

256four perspective risk map, 255integrated strategy, 252key risks, 252limitation, 2512Manigent, 255non-technology aspects, 255RACI model, 257RBPM approach implementation,

254RBPM enabler, 2514RBPM framework, 250frisk assessment, 256risk management solutions, 252SharePoint, 252Strategy and Risk Studio, 2534strategy map, 252StratexLive, 2523StratexPoint, 2523StratexSystems, 255technological capabilities, 2624visualization, 25862

total quality management, 711, 87,121popularity of, 8Xerox, adopter of, 8

TQM, see total quality managementtraining initiatives, 49, 51, 239Treacy, Michael, 8990, 287n5turbulent times, 24, 14, 213, 25,

39, 53, 91, 109, 120, 185, 2001,250, 267, 284

Turnbull, Nigel, 290n3Tyco International, 71

UK bank Northern Rock, 16UK Corporate Governance Code,

21, 39, 2201UK financial services study, 26under-exposed zone, 2078Understanding and Articulating

Risk Appetite, 238, 244Understanding and Communicating

Risk Appetite, 989, 104, 188United States

bankruptcy, 71debt issue, 2economic hegemony, 13global GDP share, 14tsub-prime lending, 1517

Virgin Money, 16Volkswagen Do Brazil, 823

Walker, Lord David, 241, 291n10Walker Report, 241Wal-Mart, 89Water Quality Index, 191Water Quality Sampling Results, 191Weatherill, Gillian, 47, 130, 237, 239Wiersema, Fred, 8990, 287n5WorldCom scandal, 71

Xerox Corporation, 8

YouTube, 2