Menu Close Menu

Menu

Account
Premium

What the CFO Needs to Know About External Risks - A Principled Performance Playbook

Download Playbook

The risk information needs of the CFO include both internal and external drivers and risk factors. The area that has challenged many organizations is the oversight and management of externally driven risks and this Playbook addresses that need.

To do the job of ensuring that the organization can achieve Principled Performance, the CFO must know four things about managing externally driven risk:

1. Does the organization adequately monitor and document information about external risk events and factors that have been identified as having a potential impact on objectives?

2. Have those with responsibility for managing each risk or risk type and those in charge of business processes affected by such risks established a system of triggers, notices and reports to ensure that they respond to identified changes as needed to maintain strong risk management?

3. Is there an effective method of mapping each risk to related objectives, related business processes,established controls and other relevant information?

4. How can the organization best organize this critical information to ensure that it is agile and responsive to change in a way that enhances the reliability of the achievement of objectives?

The playsheets in this Playbook will help you to organize the information needed to answer these questions.




Featured in: Risk Management

Related Resources
Back to top
OCEG © 2002 - 2024 OCEG

Terms of Service

Privacy Policy

Refund Policy

support@oceg.org

Contact Us

Information & Billing
+1 (602) 234-9278

Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.

Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Auditor, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP, Integrated Audit & Assurance Professional, IAAP, Integrated Governance & Oversight Professional, IGOP, Integrated Strategy & Performance Professional, ISPP, Integrated Risk Management Professional, IRMP, Integrated Decision Management Professional, IDMP, Integrated Compliance & Ethics Professional, ICEP, Integrated Business Continuity Professional, IBCP, Integrated Information Security Professional, IISP are trademarks of OCEG.