Risk management – read all about it!

Sword GRC Blog

Type ‘risk management’ into any search bar and you’ll find there’s a lot of reading matter out there! To help you navigate the content, we’ve put together a round-up of some of our preferred risk management blogs and provided signposting to news, views and thought leadership within the world of risk management, and governance, risk and compliance (GRC) from some of the industry’s preeminent sources:

Dr Ariane Chapelle

Ariane Chapelle, a regular Sword GRC webinar guest speaker, has been active in operational risk management since 2000 and was formerly head of operational risk management at ING Group and Lloyds Banking Group. Today, Dr Chapelle runs Chapelle Consulting, a training and consulting practice in risk management serving Tier 1 to Tier 3 financial organisations and international institutions, including central banks and UN agencies. Chapelle’s insights, including blogs and videos, are highly informative.

The GRC Pundit

Michael Rasmussen, a regular Sword GRC webinar guest speaker, is an internationally recognized pundit with specific expertise in enterprise GRC, GRC technology, corporate compliance, risk management and policy management. The GRC Pundit Blog offers a wide range of insights across all aspects of risk management, governance and compliance.

The Risk Doctor

Dr David Hillson, known as the Risk Doctor, is an acknowledged thought leader in risk management, speaker and award-winning author. He shares his strategic risk management insights via videos hosted on YouTube including the popular “100 Risk Questions” video series, recorded in Oman in January 2018 in partnership with the Risk Management Office of Sultan Qaboos University.

Norman Marks

Norman Marks has worked within internal audit, risk management and governance for many years and continues to blog, write, train, speak and mentor individuals and organizations. Made a Fellow by OCEG for his commentary on GRC, and an Honorary Fellow of the Institute of Risk Management for his contribution to the risk management field, Marks’ blog features many posts dedicated to risk management topics.

Risk Management Monitor

Risk Management Monitor is the official blog of Risk Management Magazine. Both Risk Management Monitor and Risk Management Magazine are publications of the Risk and Insurance Management Society (RIMS). Visit the blog for articles, commentary and interviews related to the world of risk management and insurance.

Institute of Risk Management (IRM)

As the leading professional body for Enterprise Risk Management (ERM), the Institute of Risk Management is dedicated to building excellence in risk management to improve the way that organizations work. A great source for research and thought leadership, IRM contributes to national and international committees, government bodies, research projects, consultations, standards bodies and other risk initiatives. Enterprise Risk, IRM’s official magazine, may also be of use.

Institute of Operational Risk (IOR)

Established in 2004, the Institute of Operational Risk is a professional body dedicated to the promotion of skills and standards associated with the field of operational risk management. While much material is reserved for IOR members, the Institute provides a range of useful risk web links, with a section dedicated to risk management. Sword GRC is pleased to offer IOR’s sound practice guidance series of whitepapers – covering all aspects of operational risk management and ERM best practice – available to download free of charge.

Risk Management Institute of Australasia (RMIA)

As the leading professional institution and industry association for risk managers in the Asia Pacific region, RMIA offers a wealth of resources for its members and some public access materials that are well worth a browse, including whitepapers, news and RMIA – The Risk Magazine. Sword GRC is proud to be an RMIA strategic technology partner, sharing its commitment to risk management and supporting the organization in its work to provide leadership, knowledge, and recognition for risk professionals.

Association for Project Management (APM)

APM is the only chartered body for the project profession; an educational charity dedicated to developing and promoting the value of project management in order to deliver improved project outcomes. APM’s website is a useful source of information and resources for anyone involved in project risk management. Take a look at the section dedicated to risk management, with links to blog posts and related reading.


OCEG

Non-profit think tank OCEG claims to have invented the acronym GRC as a ‘shorthand reference to the critical capabilities that must work together to achieve Principled Performance — the capabilities that integrate the governance, management and assurance of performance, risk, and compliance activities.’ The OCEG blog features a range of articles centred around governance, compliance and risk management.