Play Video


Click the large image above to stream this video directly from Vimeo at the best resolution for your device.

If you need to save a copy of the video to your computer, you can click the blue DOWNLOAD VIDEO button and a copy of the video file will be downloaded to your hard drive. The file is an mp4 file in 720p HD format (suitable for projection to a large screen) and will take some time to download. Please be patient.

If you experience any problem with either option please email Doug or Ed for personal assistance.

Focusing on the Critical Few – ensuring ‘Control Effectiveness’

Anthony Masciangioli – Director and Principal Consultant
Darren Head, Principal Consultant, Riskcom Pty Ltd


Risk can often be seen as a disparate set of problems that seem to be unrelated and can result in Boards, Executives and Senior Managers being overwhelmed and exposed as the business struggles to address its issues across many competing priorities.

So how do we manage this? We must first identify and understand the critical risks the business is exposed to. The concept of risk lends itself to the Pareto principle, that is; 80% of a business’ risk profile is related to 20% of its risks (i.e. the critical few). Given this, it is appropriate for a business to focus on the ‘critical few’ rather than the ‘trivial many’ and to drill down deep into the causal pathway of the ‘critical few’. The aim of this is to ensure that effective controls are available to be implemented when required.

We must then understand the organisation’s (including the Boards, Executives and Senior Managers) appetite for managing these ‘critical few’ risks. The appetite for managing these ‘critical few’ risks is a function of the organisation’s culture and we must understand what motivates (or demotivates) the Board, Executive, Senior Managers and employees to implement (or not) the relevant management system requirements including activation of the critical controls when required.

When we truly understand what motivates people to manage the ‘critical few’ risks and we hold people accountable for the availability and effectiveness of the controls, then and only then will we have a culture that will enable a business to mitigate/manage its risk profile and optimise its business performance.

In this session, we will reflect on several case studies to support these contentions and provide evidence of this approach.