Over time, the controversy between quantification based on observations of the past and subjective degrees of belief has taken on a deeper significance. The mathematically driven apparatus of modern risk management contains the seeds of dehumanizing and selfdestructive technology. Nobel laurete Kenneth Arrow has warned, "Our knowledge of the way things work, in society or in nature, comes trailing clouds of vagueness. Vast ills have followed a belief in certainty". In the process of breaking free from the past we may have become slaves of a new religion, a creed that is just as palpable, confining, and arbitrary as the old. Our lives teem with numbers, but we sometimes forget that numbers are only tools. They have no soul; they may indeed become fetishes. Many of our most critical decisions are made by computers that devout numbers like voracious monsters and insist on being nourished with ever-greater quantitities of digits to crunch, digest, and spew back.

Bernstein, Peter L., 1996. "Against the Gods - The Remarkable Story of Risk", pp.7. John Wiley & Sons. Inc.

MindRisk Matrix
  • Policies,
    Procedures and
    Guidelines
  • Risk
    Management
  • Performance
    Management
  • Information
    Systems
  • Reporting
  • Corporate
    Governance
  • Investigative
    Forensics
  • Business
    Continuity
  • Risk
    Management
  • Does your CRO
    report to the Board?
  • Process Risks and
    Controls
  • Information
    Security Risks
  • Key Risk Indicators,
    Financial Statement Risks
  • Compliance Risk
  • Anti-Fraud measures
  • BCP Coordination Risk
  • Performance
    Management
  • Operational Risks
  • Do you have a
    Strategic Scorecard?
  • Business strategy aligned with IT Strategy
  • Rolling Forecasts
  • Governance
    Committees
  • Anti Money Laundering &
    Terrorism Financing
  • Offsite Arrangements &
    Call Trees
  • Information
    Systems
  • IT General Controls and
    Application Controls
  • IT as Business enabler
  • Does your Board understand IT Strategy?
  • Capitalisation of IT projects spent
  • Privacy
  • Detective controls
  • Minimum Acceptabe Outage (MAO)
  • Reporting
  • Dashboards
  • Financial, Management and Regulatory Reporting
  • IT spent and
    benefit realisation
  • Financial report reconciles with Management report?
  • Disclosure
  • Reputational
    damage
  • Criticality Assessment
  • Corporate
    Governance
  • Risk and Audit Committee
  • Board Composition
  • Board and the CIO
  • Internal and External Auditing
  • Is your organisation aligned with best practices?
  • Whistleblower
    protection
  • Investigative
    Forensics
  • Internal & External Fraud
  • Segregation of Duties
  • Access Controls
  • Provisions and
    Contingencies
  • Organisation capable to coordinate with local Police?
  • Penal Provisions and
    Prosecutions
  • Business
    Continuity
  • Critical Response
  • Succession
    Planning
  • Data Recovery
  • Impact Analysis
  • Incident Management Team
  • Regulatory Penalties
  • Do you have a drilled Business Continuation Plan?
If you have any questions or comments email us at risk@mindrisk.com