Graeme Keith

In Graeme Keith's latest article, he explores the limitations of heat maps in risk assessment and why quantitative risk analysis is essential for effective Enterprise Risk Management (ERM). By using two hypothetical risk scenarios, Keith highlights the significant gaps in traditional risk matrices and advocates for a more rational, analytical approach to risk prioritization and aggregation. Through his analysis, he emphasizes the need for a deeper understanding of risk impacts, beyond surface-level assessments.

In today's risk landscape, regulatory-driven practices often fail to deliver meaningful value. Graeme Keith examines the challenges and opportunities presented by the dichotomy between Risk Management 1 (RM1) and Risk Management 2 (RM2). By exploring the unintended consequences of regulatory pressure on risk management systems, Keith presents a case for evolving traditional risk practices into a more strategic, decision-supportive approach.