
Navigate the treacherous waters of business risks with Kris Hermans' comprehensive guide to strategic risk management.


In the complex world of business, risk is a ubiquitous and often underestimated factor. Understanding and managing it effectively can be the key to organizational success. Kris Hermans, a distinguished expert in risk management, offers a definitive resource for mastering the art and science of risk management in his latest book.

Mastering risk in the enterprise

    1. Introduction

    • The importance of risk management
    • Risk management in various industries
    • Objectives of risk management

    2. Understanding Risk

    • Definition of risk
    • Types of risk (operational, financial, strategic, etc.)
    • Risk factors and sources

    3. Risk Management Process

    • Risk identification
    • Risk assessment
    • Qualitative assessment
    • Quantitative assessment
    • Risk prioritization
    • Risk mitigation
    • Risk monitoring and review

    4. Risk Management Frameworks and Standards

    • ISO 31000
    • COSO ERM Framework
    • NIST SP 800-37
    • FAIR (Factor Analysis of Information Risk)
    • Basel Framework

    5. Risk Management Tools and Techniques

    • Risk registers
    • SWOT analysis
    • PESTLE analysis
    • Monte Carlo simulation
    • Decision trees
    • Bowtie analysis
    • Heat maps

    6. Governance, Risk, and Compliance (GRC)

    • The role of governance in risk management
    • Regulatory compliance and its impact on risk management
    • The relationship between risk management and internal audit

    7. Operational Risk Management

    • Key risk indicators (KRIs)
    • Incident management
    • Business continuity planning
    • Disaster recovery planning

    8. Financial Risk Management

    • Market risk
    • Credit risk
    • Liquidity risk
    • Interest rate risk
    • Foreign exchange risk

    9. Strategic Risk Management

    • Mergers and acquisitions
    • Competitive analysis
    • Corporate strategy and risk management

    10. IT Risk Management and Cybersecurity

    • Information security risks
    • Vulnerability and threat assessments
    • Risk management frameworks for cybersecurity (NIST CSF, ISO 27001)
    • Data privacy and protection

    11. Project Risk Management

    • Risk management in project planning
    • Risk management tools for projects (risk breakdown structure, risk matrix)
    • Contingency planning

    12. Supply Chain and Third-Party Risk Management

    • Vendor risk assessments
    • Supply chain disruption risks
    • Outsourcing and offshoring risks

    13. Environmental, Social, and Governance (ESG) Risks

    • Climate change and environmental risks
    • Social risks (labour practices, human rights)
    • Corporate governance risks

    14. Risk Management Culture and Communication

    • Building a risk-aware culture
    • Risk management training and awareness programs
    • Reporting and communicating risks to stakeholders

    15. Case Studies

    • Real-world examples of effective risk management
    • Lessons learned from risk management failures

    16. Conclusion

    • The evolving role of risk management
    • The future of risk management

    17. About the author
