Too few risks are identified, too many are managed

We don't want to know what can go wrong When I'm looking at a risk management implementation from an audit point of view, I often worry about two fundamentally opposite problems. On the one hand, I note that quite often the risk identification exercise is not conducted to ensure completeness. Often heard excuses are: "we … Continue reading Too few risks are identified, too many are managed