Risk & Resilience

In this article, Graeme Keith explores what it really means to build a risk model that is genuinely useful in practice rather than simply mathematically impressive. He emphasizes that effective models must be embedded in real decision-making processes, aligned with clear objectives, and developed collaboratively with stakeholders. The focus is on modeling as a creative, iterative, and context-driven exercise that prioritizes understanding causal relationships and supporting informed action.

In his latest piece, Norman Marks breaks down a critical gap he continues to see across GRC and ERM programs: the absence of a true top-down, objective-focused approach. While many organizations and software platforms emphasize identifying risks first and then mapping them to objectives, Marks argues that this bottoms-up structure misses what matters most. To understand risk and opportunity in a meaningful way, he explains, organizations must start with their enterprise objectives, strategies, and goals, and then determine what could hinder or enable their achievement.

Telecoms regulators from the United Kingdom, United States, Canada, Australia and New Zealand have agreed to step up cooperation to shore up the security and reliability of global communications networks, following three days of meetings hosted by Ofcom in London.

If you are driving down the highway at 65mph (104.6kph), a broken-down truck in the middle of the road ahead is a serious source of risk. You might consider it the #1 entry in your list of top risks (if you were to put such a list together as you were driving). But what if you can’t see it?

Europe’s leading risk-focused expo, #RISK Europe, returns to ExCeL London on 12–13 November 2025, bringing together the continent’s foremost Governance, Risk, and Compliance (GRC) professionals for two days of cutting-edge insight, collaboration, and innovation.

Meta is eliminating a number of roles within its risk organization as the company continues shifting from manual compliance review processes to more automated, tech-driven workflows, according to an internal memo obtained by Business Insider.

Every crisis begins with a moment of disbelief. The thing that wasn’t supposed to happen suddenly has, and the assumptions that felt so comfortable a day earlier now feel paper-thin. That’s when risk management either shows up or falls apart.