Excerpts Certainly, non-financial risks have always existed. However, it’s only relatively recently that the way we conceive of risk has broadened beyond traditional risks (such as credit risk, competition and market factors) to include operational risks, conduct risks, compliance risks and cyber risks, as well as environmental, social and governance (ESG) factors. Guide Article: Accountants are pivotal in identifying and managing non-financial risk Download: Guide to non-financial risks (PDF) by the Chartered Accountants Australia and New Zealand ...

Report: 2021 Asia Pacific Financial Services Regulatory Outlook (PDF)

Guide: A4S Essential Guide to Management Information

WEF report: The Global Risks Report 2020 | WEF The 15th edition of the World Economic Forum’s Global Risks Report is published as critical risks are manifesting. The global economy is facing an increased risk of stagnation, climate change is striking harder and more rapidly than expected, and fragmented cyberspace threatens the full potential of next-generation technologies — all while citizens worldwide protest political and economic conditions and voice concerns about systems that exacerbate inequality. The challenges before us demand immediate collective action, but fractures within the global community appear to only be widening. Stakeholders need to act quickly and with purpose within an unsettled global landscape. ...

ASIC report: ASIC releases report on director and officer oversight of non-financial risk ASIC podcast Interview with Suneeta Sidhu, the team leader of ASIC’s Corporate Governance Taskforce. “when we speak about non-financial risk, we speak about operational risk, conduct risk and compliance risk” Concepts discussed information flows board risk committees

Enabling the accountant’s role in effective enterprise risk management Download report

Artificial Intelligence (AI) rose to public prominence in recent years, and organisations are exploring how AI will disrupt their markets, operations, workforce and risk landscapes. This highlights the need for all three lines of defence to work together to manage AI risks and opportunities.

Cybersecurity risk has surged as organisations move online and embrace digital processes, transforming what was once a niche topic into a central focus for senior leadership and boards in ensuring their organisations maintain operational resilience. This highlights the essential role of the three lines of defence in managing and assuring digital risk.

Governance is how an organisation is directed, controlled, and held accountable to achieve its objectives - all while balancing competing stakeholder interests. Organisations implement governance through a combination of frameworks, processes, and practices - which are crucial for risk professionals to understand to manage and mitigate risk.

Critical thinking is an essential skill to develop in a digital risk career. Without critical thinking, you risk poor decisions that will expose your organisation to unnecessary risk. It is common to avoid critical thinking in every day life - it would be exhausting to think critically 24/7, instead we use techniques such as heuristics, as well as developing trust, to essentially save your brain’s bandwidth and processing needs. But in important situations which require well thought through decisions, heuristics and its more dangerous friend the cognitive bias, may lead to poor reasoning and weak analytical rigour. ...

Further reading The quality and effectiveness of audit: independent review - Gov UK Sir Donald Brydon issues his report on the quality and effectiveness of audit - Deloitte UK

Top 10 books about working life (Guardian, April 2015) What to read to understand international relations (Economist, Aug 2023) The World: A Brief Introduction. By Richard Haass The Rise and Fall of the Great Powers. By Paul Kennedy Is the American Century Over? By Joseph Nye China Goes Global: The Partial Power. By David Shambaugh The Wealth and Poverty of Nations. By David Landes

The NCSC’s Active Cyber Defence (ACD) program aims to protect the UK from cyber threats by providing tools and services to improve cybersecurity across the public and private sectors. Active Cyber Defence Further reading Introducing Active Cyber Defence 2.0

Advanced Message Security (AMS) is a feature of IBM MQ designed to safeguard sensitive data while it travels across the IBM MQ network. Further reading Overview of Advanced Message Security - IBM Documentation Qualities of protection available with AMS - IBM Documentation Related IBM MQ