Historically, corporate risk management was purely a financial planning exercise that was reactive in nature.
It involved an equation that plotted two indices on a graph: risk and cost. The more likely the risk was to materialize, the greater the financial resources that were allocated to mitigate the impact, including both cash and insurance.
With the high-profile corporate fraud cases of the past five years and the resulting advent of high-stakes governance regulation, however, risk management has begun to move, ...