James Bone, a lecturer for the M.S. in Enterprise Risk Management program at Columbia University’s School of Professional Studies, presented at the Society for Risk Analysis' World Congress in Cape Town, South Africa earlier this month. His presentation focused on the cognitive risk framework for cybersecurity and enterprise risk management.
Enterprise Risk Management is the process of assessing and addressing how organizations make decisions about the risks that impact organizational goals and objectives. There are about four globally recognized risk frameworks and standards that codify the process of developing enterprise risk management programs. These focus on Ethical Behavior, Conduct Risk, and Awareness.
“While these processes are important, they have not proven to be effective at minimizing fraud, corporate failure, or the growth of cyber risks permeating many industries and government agencies,” Bone said. “My cognitive risk framework proposes guidance for organizations to incorporate into their existing risk programs that put the human at the center of risk management with the right processes, technology, and systems of behavior that empower employees at all levels to manage the risks that matter to organizational success.”
Bone was also recently selected for the School of Professional Studies' Dean's Applied Research Award. He plans to document existing risk practices across diverse industries to evaluate the maturity of risk programs to assist humans in making better decisions.