As an PRIMA ISO 31000 faculty member, I’d like to share three book recommendations with you. Whether you are heading to the beach or are looking for something to enjoy over your morning coffee, I think these books have something to offer if you are already involved in enterprise risk management (ERM), or if you are planning implementation in the future.
The first book is Managing Risk and Performance: A Guide for Government Decision Makers, by Thomas H. Stanton and Douglas W. Webster, Wiley Press, 2014. This book is a treasure chest of risk management information, specifically focused on government. The chapters of the book merge the principles of modern enterprise risk management practice with the needs of federal agency managers to understand and manage the risks of their organizations. For me, this book serves as a mini-library of risk management topics and real challenges encountered by various contributing subject matter experts in public sector risk management field.
The second book I would recommend is Risk and Crisis Management in the Public Sector, by Lynn Drennan and Allan McConnell, Routledge, 2007. This book focuses more on risk management around crisis situations. I found the information on the elements of a “crisis”, and the connection of crisis management and risk management to be very insightful. The book methodically covers the nature of risk and crisis; drivers for risk and crisis management; assessing and responding to risks; contingency planning and crisis preparedness; and post-crisis actions. This book has more of an international-flavor to it, and reminds us that aspects of enterprise risk management have been practiced abroad for a number of years. It concludes with an excellent case study on managing risk in public service organizations with a personal account by Ed van Thijn, former Mayor of Amsterdam.
And lastly, if you are looking for more ERM literature, I would recommend is Enterprise Risk Management – A Guide for Government Professionals, by Dr. Karen Hardy, Jossey-Bass (Wiley Brand) Publishing, 2015. This book is one of the more recent publications on enterprise risk management. In this textbook-like publication, Hardy covers the ERM fundamentals, but also makes the connection to managing risk in a governmental environment. Readers will appreciate the “stage setting” in her introduction as she relates top risk areas in governmental organizations to the public sector, and her use of specific examples of risk management in federal government organizations. The book covers the main frameworks and standards, and includes information on best practices in federal agencies. It also addresses some of the unique challenges of building a risk culture in public sector entities
There are relatively few books and articles that focus on risk management in the public sector. These three are worth adding to your professional reading list. Have you found any other books particularly useful? What other publications do you follow to increase your knowledge of ERM?