RIMScast

The Risk and Insurance Management Society, Inc.
  • 4.6 (12)
  • BUSINESS NEWS
  • UPDATED WEEKLY

The official podcast of RIMS, the Risk and Insurance Management Society. Tune in for weekly discussions about risk management hot topics, interviews with leaders in the profession, and updates on RIMS events and education.

  1. 6D AGO

    Strategic Risk Career Transitions with Susan Hiteshew

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Susan Hiteshew about her career path, from long-time risk manager to broker, and how her foundation in risk provides her with corporate empathy and understanding of her clients. They cover key principles Susan learned on the way, how she intentionally made a change, and how her risk philosophy helps her as a broker. Susan shares points from her risk philosophy and the benefits she realized from the RIMS-CRMP, as well as from serving on the National RIMS Board.   Listen for key factors in a great trisk management team.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. We will be joined by Susan Hiteshew, a long-time risk professional, to discuss how she successfully transitioned over to the broker side. We will also get her ERM philosophy and how it still guides her to this day. But first… [:47] RIMS-CRMP and Some Prep Courses. The next virtual prep courses will be held on March 110th and 11th and again on April 21st and 22nd. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:04] RIMS Virtual Workshops are coming up. On February 2nd and 3rd, Pat Saporito will host the debut of the two-day course, "Storytelling with Data for Risk Management". [1:18] On February 4th and 5th, Ken Baker will return to deliver the course, "Applying and Integrating ERM". [1:28] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:39] RIMS members always enjoy deep discounts on the virtual workshops. [1:43] The next RIMS Webinar will celebrate Women's History Month by exploring "Hard Hats & High Stakes: Women Leaders Shaping Construction Risk Management" on March 6th. [1:53] We'll be joined by a Chief Risk Officer, an underwriter, and a broker, who will explore their career paths and risk and safety philosophies, and lend some insight as to why this is the time for the next generation of leaders to rise. [2:08] Visit RIMS.org/webinars and check out the link in this episode's show notes. [2:12] On with the show! Our guest today is the Managing Director and Office Head for Marsh's Washington, D.C. Office. Before accepting that role, she had 16 years of experience in risk management. She was one of the first RIMS-CRMP certificate holders. She's Susan Hiteshew. [2:35] We're going to talk about her career and why she decided to make a transition over to the broker side with Marsh. We'll also talk about her ERM philosophy and how it continues to guide her to this day. [2:47] We will also talk about strategy and the concept of professional empathy. Let's get to it… [2:54] Interview! Susan Hiteshew, welcome to RIMScast! [3:34] Susan can't imagine a better way to start 2026 than getting to be here on RIMScast with Justin! [4:00] For years, Susan was a corporate risk manager. Most recently, she was the VP of Risk at a real estate investment trust. Before that, she was Senior Director of Insurance at a major hotel brand and had filled other risk roles. [4:25] Susan says that before she got started as a risk manager, she began her career in claims. She worked in a specialized unit on the carrier side, analyzing legacy claims for coverage. They printed policies, read them, and manually wrote claims notes on them. [4:57] Susan says it was a great way to learn the coverages and understand the underwriting intent of the policies. That foundation taught her that insurance is technically complex and that there's a policyholder on the other end who will be getting your coverage letter in the mail. [5:19] Susan says insurance is a people business, even though it is very much a technical business. It's a form of strategic finance. [5:28] Susan learned as a risk manager the value in building that downside protection for your company and creating predictability in your cost of risk so that your business can operate with confident margins. [5:44] As a risk manager, Susan implemented that approach into how she thought about ERM. She thinks the most successful ERM programs are very collaborative across different business units and are built upon the spirit that everyone's a risk manager. [6:05] Risk is something we all own for our company. Susan's focus was always on supporting her executive team and board, and giving them information in clear, cogent, and actionable ways. [6:24] Susan speaks of frameworks. Risk and strategy are two sides of the same coin. Some risks are quantifiable and insurable; some risks are not. [6:36] Enterprise risk management is about understanding all risks, creating awareness around them, and mobilizing your company to focus on those risks in every part of your organization, at every level. Susan finds value in both ISO and COSO. She leans more toward COSO. [7:19] ERM was different at every company Susan worked with, tailored to the company and the business. It was collaborative. So much of enterprise risk management is taking who you are as a company, where you're trying to go, and building a framework that makes the most sense. [8:11] Susan was a risk manager for about 16 years. [8:20] Susan had reached the point where she wanted to broaden her impact across the board. Every time she made a change in her career, it was because she wanted to try something new and learn something different. [9:09] The timing felt right. She had had a lot of different in-house experiences, so she could sit across from a client and say she had been in their seat and knows what they are thinking through from an insurance perspective, and she can help them solve their issues. [9:32] At different companies, a risk manager does different things. Susan had had different areas of responsibility in insurance, claims, captive management, and enterprise risk management. What she loved the most was the insurance side. [10:05] Susan asked herself, wouldn't it be great if she could do what she loved most, all the time, for lots of clients? She loves that in her role now, leading the D.C. office for Marsh, she gets to help lots of clients with lots of different problems. She loves supporting risk managers. [10:44] Susan says the reason that she's been able to do what she's done in her career is because of support from others in the industry. She's having a lot of fun, working on helping clients with interesting problems. She thinks professional empathy helps her support clients. [11:23] Quick Break! The RIMS CRO Certificate Program in Advanced Enterprise Risk Management is RIMS' live virtual program, led by James Lam. Great News! A brand new cohort has been announced. Registration closes on April 6th. [11:44] Beginning on April 14th, bi-weekly workshops will be held from 11:00 a.m. to 3:00 p.m. Eastern Time through June 23rd. Register now! A link is also in this episode's show notes. [11:57] Save the dates, March 18th and 19th, 2026, for the RIMS Legislative Summit, which will be held in Washington, D.C. Join us for two days of Congressional Meetings, networking, and advocating on behalf of the risk management community. [12:13] Visit RIMS.org/advocacy for more information and updates and to register. [12:21] Let's Return to Our Interview with Susan Hiteshew! [13:08] Susan says that where her background is most helpful is in her claims foundation. It trained her to interpret coverage, to understand the intent of policy language, and to understand all that goes into resolving complex claims. [13:24] As a risk manager, Susan learned what Accounting needs, what Finance needs, and what a CFO needs when something "has gone bump in the night" and there's a significant claim issue. [13:37] Susan can tie all that together to support a risk manager and say, "You might want to have a conversation with Accounting about this. What do you have budgeted for this? Let's have a conversation with Finance about this. Is Legal involved? Do we have clarity on Operations?" [13:55] Susan's years in-house taught her how to pull all of those different components of the organization together. A good risk manager knows and works with everybody in their company. There are many internal and external stakeholders.  [14:19] Susan helps risk managers navigate tough situations and know whom to talk to before needing to get in front of them, to bring a tough situation to a good resolution, with everybody being aware and having the opportunity to give input to bring the situation to a close. [14:41] Justin notes that the risk manager needs to be the point guard for the organization. Susan agrees. She coaches her daughter's basketball team. [15:20] Susan notes that risk managers save the company money, but in most cases, they don't generate income, so it's important to run an efficient risk management team with the resources to work with and support everybody in the company. The team size differs for every business. [16:19] Susan has loved every stop along the way in her career. Each one has been different. She has worked with amazing people. She looked for work where she would be professionally challenged, learn a lot, and work with awesome people she can learn from at every level. [17:06] When Susan was ready to try being on the broker side, she was very intentional about it. She is so grateful for her choice. She has absolutely loved this transition. [17:23] Quick Break! RISKWORLD 2026 will be held from May 3rd through the 6th in Philadelphia, Pennsylvania. RISKWORLD attracts more than 10,000 risk professionals from across the globe. It's time to Connect, Cultivate, and Collaborate with them. Booth sales are open now! [17:45] General registration and speaker registration are also open right now! Marketplace and Hospitality badges will be available st

    34 min

  2. JAN 20

    Sports, Spotlight, and Risk Leadership with Rich Lenkov, Founder and CEO of SERMA

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Rich Lenkov, Founder and CEO of SERMA, about the unique aspects of risk management in sports and entertainment, such as stadium security and crowd safety for a big game or event. They look at what SERMA offers to risk professionals in sports and entertainment. Rich speaks of cross-disciplinary collaboration and the specialized content offered by SERMA. Rich shares his thoughts about the Day of the Endangered Lawyer and the importance of the Constitution and international law.   Listen for tips on sports and entertainment risk management.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. Our guest is Rich Lenkov, the Founder and CEO of SERMA, the Sports and Entertainment Risk Management Alliance. [:43] We will talk about all things sports and entertainment risk-related and get his play-by-play on what it takes to succeed in sports and entertainment risk. But first… [:54] RIMS-CRMP and Some Prep Courses. The next virtual prep courses will be held on March 110th and 11th and again on April 21st and 22nd. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:12] RIMS Virtual Workshops are coming up. On February 2nd and 3rd, Pat Saporito will host the debut of the two-day course, "Storytelling with Data for Risk Management". [1:26] On February 4th and 5th, Ken Baker will return to deliver the course, "Applying and Integrating ERM". [1:35] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:47] RIMS members always enjoy deep discounts on the virtual workshops. [1:51] The next RIMS Webinar will celebrate Women's History Month by exploring "Hard Hats & High Stakes: Women Leaders Shaping Construction Risk Management" on March 6th. [2:00] We'll be joined by a Chief Risk Officer, an underwriter, and a broker, who will explore their career paths and risk and safety philosophies, and lend some insight as to why this is the time for the next generation of leaders to rise. Check out the link in this episode's show notes. [2:23] The RIMS-CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live virtual program that helps elevate your expertise and career in ERM. [2:36] You can enroll now for the next cohort, which will be held over 12 weeks from April 14th through June 23rd. Links to registration and enrollment are in this episode's show notes. [2:52] On with the show! Our guest today is Rich Lenkov, Founder and CEO of SERMA, the Sports and Entertainment Risk Management Alliance. Rich is a lawyer by trade, but he is vested in the success of risk management, particularly against the backdrop of sports and entertainment. [3:13] With all the developments, regulations, or lack thereof, Rich has got a lot to say. We'll have a volley of ideas about sports risk management, active shooter preparedness at a stadium, name, image, and likeness rights for college athletes, and other topics. [3:41] Rich is also the host of SERMA's SERMAPod, so it's nice to have a podcasting brother on the show. Let's get to it… [3:49] Interview! Rich Lenkov, welcome to RIMScast! [4:07] Rich tells about hosting the SERMAPod. About 11 years ago, Chicago radio station WGN approached him to do a legal podcast for them, Legal Face-Off. About five years ago, SERMA started the SERMAPod. It's been a lot of fun! This is SERMA's fifth year, too. [4:50] Rich is a Capital Member of Downey & Lenkov. He's a full-time lawyer. This is Rich's 30th year in practice, having started in 1996. [5:16] Downey & Lenkov began in 2001. Rich has been with the firm since 2002. A Midwest-based law firm, Downey & Lenkov primarily handles insurance defense in Illinois, Indiana, and Wisconsin. [5:29] Downey & Lenkov does insurance defense in all its forms, from sports and entertainment law to premises liability, workers' compensation, employment, construction, products, and anything like that. They also do some transactional work and some professional liability. [5:47] That's Rich's day job. They're busy and have lots of clients. There's too much work, and not enough lawyers to do it! Rich says that servicing his clients is really rewarding. [6:07] Rich also has a production company. With that background and having worked in sports and entertainment law, he realized that there were not a lot of resources devoted to sports and entertainment risk management. [6:43] In discussing these issues with clients and colleagues, Rich saw a hole in the market for someone to provide content, networking, resources, and information-sharing. So he thought, why not? That's how SERMA got started. [7:01] Justin gives a shoutout to Emily Buckley, a member of both RIMS and SERMA. SERMA hosted a wonderful event at the RIMS ERM Conference 2025 in Seattle, and Emily invited Justin. [7:41] Rich has been a RIMS member, strong advocate, and supporter for almost his whole career. He finds it to be an incredible resource for knowledge and networking. He says the regional and national events are second to none. Lots of SERMA members are RIMS members. [8:03] Early on, SERMA decided to partner with groups like RIMS and local RIMS chapters. As the new kids on the block, SERMA is indebted to RIMS for inviting them to host events with them. [8:49] Rich says that a lot of the risks in sports and entertainment relate to high-profile companies, teams, leagues, and studios. The whole world is watching. When there's a tragedy or a weather event at a sporting event, it's not limited to the grounds. [9:17] There is a lot of scrutiny. Laws are involved, or legislation is produced. These are frequently ground-breaking losses for high-profile brands. Brand protection is important. Some of the biggest companies on the planet are very concerned about how their brand is perceived. [9:39] Rich says, the types of risks and claims are different from "garden-variety" hospitality or construction claims. You're dealing with unique circumstances. How do you extricate actors from the jungles of Costa Rica in a weather event? How do you protect the Super Bowl? [10:03] Those are not things that risk managers deal with every day. They are unique, specialized risks. Rich says he's learning new things every time SERMA provides content that's not seen anywhere else. [10:17] Justin adds that the teams and athletes themselves are some of the most recognizable brands in history, such as Michael Jordan. [10:32] Rich says  SERMA members deal with high-profile claims and risks. SERMA has done lots of content on handling workers' compensation claims from players. A lot of high-profile athletes, making a lot of money, are also pursuing workers' compensation claims. [10:58] Workers' compensation for highly-paid athletes is very expensive. All the teams are very attuned to what they are spending on workers' compensation. [11:11] SERMA brings together lawyers, risk managers, insurers, claims professionals, vendors, outside counsel, and other vendors who support the industry. At the end of 2025, SERMA had around 700 members with a ratio between industry professionals and vendors of seven to one. [11:41] Rich says SERMA consciously makes its environment one where risk managers, claims managers, and general counsel can meet and share resources in a relatively confidential way. [12:02] SERMA is not a space with a lot of salesmanship, but networking is encouraged. SERMA wants everyone to develop relationships. SERMA's priority is to have great, cutting-edge content, rather than just selling products. [12:43] Rich believes cross-disciplinary collaboration is important. We learn from each other. When Rich handles a sports or entertainment claim, he sees it from his perspective; he doesn't know what it's like to have boots on the ground at a venue when they are securing a big event. [13:12] It's important to collaborate with people who handle safety and security. When Rich speaks as an attorney to these folks, they have no idea what effect their initial investigation of a claim will have on discovery or if they go to trial. You have to learn from each other. [13:35] Rich finds that collaboration with risk professionals has been great. SERMA's risk professionals bring a unique perspective to the table. [13:52] A risk manager for a team or venue has to cover everything. A whole world of claims happens on any given sporting event. So much goes on behind the scenes that impacts the risks that the risk manager has to deal with. [14:09] Rich took his son to a Bears game over the weekend; they enjoyed it and went home. The risk manager, for weeks and months before, was dealing with everything from security to food preparation, active shooter drills, player injuries, and claims. [14:29] There is so much that any given game brings on a risk manager. The risk manager starts all over again the next day. It's a challenging environment. Rich says most risk managers would tell you that their jobs are really rewarding. [14:59] Rich was talking to the risk manager for the Boston Celtics. He gets to watch the Celtics every day. Sports risk management is difficult, it's challenging, but it's also a lot of fun. You get to be in spaces that most of us can only dream of. [15:14] Quick Break! RISKWORLD 2026 will be held from May 3rd through the 6th in Philadelphia, Pennsylvania. RISKWORLD attracts more than 10,000 risk professionals from across the globe. It's time to Connect, Cultivate, and Collaborate with them. Booth sales are open now! [15:36] General registration and speaker registration are also open right now! Marketplace and Hospitality badges will be available starting on March 3rd. L

    35 min

  3. JAN 13

    Captives As A Rainy-Day Fund For Climate Losses with Deyna Feng

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Deyna Feng, Director of Captive Programs at Cummins, about her role at the company. They discuss the reality of climate change risks and how Cummins uses captives to address them in the short- and long-term in the U.S. and 36 countries globally. They talk about the various facets of the company, from property to supply chain, to business continuity, to human resources, at risk from climate events. They discuss the variety of regulatory sustainability reporting requirements around the globe.   Listen for steps to take to use captives for your climate risk planning and strategy.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. Our topic today is the interconnection between captives and climate risk. To help me delve deeper into this connection, I've asked Deyna Feng of Cummins to rejoin us. It will be great to catch up with her! [:49] You're going to walk away from this episode with a lot of great ideas for your captive programs. But first… [:55] RIMS-CRMP and Some Prep Courses. The next virtual prep course will be held on March 110th and 11th and again on April 21st and 22nd. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:12] RIMS Virtual Workshops are coming up. On January 21st and 22nd, Chris Hansen returns to deliver the course, "Managing Worker Compensation, Employer's Liability and Employment Practices in the US". [1:26] On February 4th and 5th, Ken Baker will return to deliver the course, "Applying and Integrating ERM". [1:36] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:47] RIMS members always enjoy deep discounts on the virtual workshops. [1:57] The RIMS-CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live virtual program that helps elevate your expertise and career in ERM. [2:10] You can enroll now for the next cohort, which will be held over 12 weeks from April 14th through June 23rd. Links to registration and enrollment are in this episode's show notes. [2:24] On with the show! Deyna Feng is rejoining us for the first time since 2021. She is the Director of Captive Programs at Cummins. [2:38] Cummins designs, manufactures, distributes, and services a broad range of power solutions, from traditional diesel and natural gas engines to advanced electric, hybrid, and hydrogen fuel cell technologies. [2:50] Deyna is here to discuss how climate change has had a huge influence on how she manages captives for Cummins. We're also going to speak a little more broadly about the ways you might think about climate risk as you launch or alter your captive program. Let's get to it… [3:06] Interview! Deyna Feng, welcome back to RIMScast! [3:21] Deyna Feng has been working for Cummins for the past 15 years. She was always with the risk insurance team and, since 2015, she's managed the captive operations, the insurance programming inside it, and the whole insurance company. [3:52] Deyna started with Cummins as Regional Risk Manager for Asia Pacific. Then she joined the company to manage its captive. Deyna has been really passionate about this career path because captive is such a wonderful risk management and risk insurance tool. [4:08] Deyna says Cummins has been using its captive constantly and actively managing different types of risk and profiles. [4:34] A captive is an insurance company. Cummins's captive is a pure captive, or a single-parent captive, so it purely insures the parent company's risks and business. [4:44] The benefit of a captive insurance company is that, instead of buying insurance from the commercial market, you can really tailor your insurance program within a captive. [4:55] They also provide financial benefits like tax benefits and some other things you can manage through the captive. [5:03] For the past few years, it's been hard on the insurance market on the property and the liability side. Cummins uses its captive, proactively, managing the whole program in a really unique way. Everything is tailor-made to your own program, your own risk. [5:21] If you are a good risk management account, you will receive benefits by doing such a self-insurance arrangement. [5:38] Justin recalls from reporting that in 2025, there are hundreds more captives among medium and small businesses than there were 20 years ago. Feng agrees. It's a booming market for the whole captive industry. It's growing for all captive domiciles around the world. [6:01] Deyna and Justin believe that captives are a big part of the future of risk management. [6:09] Justin reconnected with Deyna because of her unique philosophy that climate change can greatly impact a captive and, therefore, a company. [6:38] Deyna thinks everyone is feeling the effects of climate change in the current environment. They see more things happening, more frequently, with more severity; events like wildfires, floods, and hurricanes. [6:53] Deyna says, Before, it's rarely showing anywhere, or a 500-year event, then suddenly, something happens. We experience such dramatic events in different facilities globally. So, we are thinking such events can escalate super quickly and become catastrophic. [7:17] Deyna asks how we can manage such events, especially when you are dealing with a large insurance program, and it involves a big business interruption to your global company. [7:29] Deyna thinks there is a growing concern for global companies like Cummins for a few important reasons. First, frequency and severity are rising. Also, it's less predictable in certain areas, and there will be increasing exposure for large, global facilities. [8:08] Deyna speaks of supply chains. For a large manufacturing company with a global footprint, it's important to manage supply chain risk in a better way. The climate risk is changing globally, so it will impact Cummins's supply chain risk to a large extent. [8:30] Deyna says it also increased the complexity of managing claims, like a hurricane claim. Hurricane Helena is our recent example. It happened over a year ago, but it impacted multiple locations in that area and also impacted Cummins's warehouses and logistics centers. [8:50] It impacted the whole business revenue and the whole area. So, it becomes a much more complex claim to manage and handle. Even now, Cummins is still dealing with the whole impact of that Hurricane Helena flood claim. [9:11] Justin asks about polycrisis and how one event triggers others that the captive manager has to oversee and try to resolve. [9:31] Deyna says, Cummins has suppliers in that area. If those suppliers don't have good insurance coverage, then Cummins helps them out, so they can help Cummins's local business. That impacts a lot. Cummins is still dealing with a business interruption claim from that event. [10:06] Deyna says one important area for climate risk management is dealing with government regulatory requirement reporting changes, not just in the U.S, but worldwide, with international reporting. [10:25] Certain countries are more advanced in regulation development. So, for those countries, Cummins has to make sure to do a proper evaluation and prepare for those government reporting requirements. [10:44] That involves a whole set of reviews from different lenses. To manage the risk more effectively and efficiently, Cummins needs to consider a few options. One is about data. [10:59] The whole risk management and risk insurance program is data-driven, so Cummins makes sure to gather important climate risk-related data and then models it globally in CAD. This way, Cummins can anticipate future risk and business impact. [11:24] The second is the partners Cummins works with. Those are insurance, reinsurance, and brokers. They offer different types of climate risk-related data analysis. [11:38] From there, certain captives can use such data-driven arrangements and cat modelling to plan their parametric solution. That's a unique type of risk, tailor-made. [12:00] Deyna says Cummins's global insurance program has broad coverage, already covering such climate risks. That's useful for specific risks in certain areas. You have the trend, you see the need, and then you use this to pay claims quickly without complex claim procedures. [12:28] The other area Cummins has been doing is leveraging the data it receives and then utilizing the captive to do the strategic planning. That is how Cummins utilizes the captives to structure its global property liability program. [12:46] And then Cummins uses the captive as a fronting mechanism, and then puts more layers within the captive to manage large claims more flexibly. [12:58] Then the other part is using the captive to buy reinsurance to transfer certain catastrophic events or the higher risks to the reinsurance market. So it's a diversified captive strategy. [13:15] Justin asks about business continuity planning. Deyna says that to manage climate risk, business continuity planning is important. Lots of companies use it to manage traditional risks, like a flood or a fire, but it is also important to deal with future climate risk resiliency planning. [13:39] The supply chain risk is part of that, and then when you identify the high-risk area, like a heat wave, or cold stress, or water stress, how can you make sure your local businesses are well prepared to deal with those situations, especially in the long run? [14:00] Quick Break! RISKWORLD 2026 will be held from May 3rd through the 6th in Philadelphia, Pennsylvania. RISKWORLD attracts more than 10,000 risk professionals from across the globe. It's time to Connect, Cultivate, and Co

    41 min

  4. JAN 5

    Risk Outlook '26 with Morgan O'Rourke and Hilary Tuttle

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this first episode of 2026, Justin interviews Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine. They discuss major cyber events of 2025, court rulings on AI fair use, and what risk professionals should take away about AI training data and intellectual property. They discuss regulations about forever chemicals or PFAS and what to look for in 2026 and beyond as these regulations change. They discuss the U.S. government shutdown of October and its residual effects.   Listen for a call for content submissions for RIMS Risk Management Magazine.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. This is our first episode of 2026. We're going to look forward and back, and who better to do that with than Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine? [:44] We will discuss some of the top risk management stories of 2025 and what they might mean for 2026. There's so much to discuss, from forever chemicals to AI! But first… [:55] RIMS-CRMP and Some Prep Courses. The next virtual prep course will be held on January 14th and 15th, 2026. These are virtual courses. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:12] RIMS Virtual Workshops are coming up. This is the last call for "Intro to ERM for Senior Leaders". It will be held on January 8th, led by Joe Mayo. [1:24] On January 21st and 22nd, Chris Hansen returns to deliver the course, "Managing Worker Compensation, Employer's Liability and Employment Practices in the US". [1:35] On February 4th and 5th, Ken Baker will return to deliver the course, "Applying and Integrating ERM". [1:45] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:57] RIMS members always enjoy deep discounts on the virtual workshops. [2:06] The RIMS-CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live virtual program that helps elevate your expertise and career in ERM. [2:19] You can enroll now for the next cohort, which will be held over 12 weeks from April 14th through June 23rd. Links to registration and enrollment are in this episode's show notes. [2:34] On with the show! The annual Year in Risk Review edition of RIMS Risk Management Magazine is now available. Visit RMMagazine.com for more information. [2:47] We're going to pick up where we left off with Morgan O'Rouke and Hilary Tuttle of RIMS Risk Management Magazine and the RIMS Publication Department. [2:54] Feel free to check out Episode 371 to get caught up as we discuss natural catastrophes and their impact on the landscape. [3:04] In this episode, we're going to talk about AI, PFAS forever chemicals, and how you can contribute to RIMS Risk Management Magazine in 2026. [3:14] Risk Management Magazine is an Azbee award winner, so you are hearing insights from the best in the business of risk management reporting. Let's get to it… [3:24] Interview!  Morgan O'Rourke and Hilary Tuttle, welcome back to RIMScast! [4:01] The Year in Risk 2025 Edition of RIMS Risk Management Magazine has been on digital shelves for a few weeks now. We're going to look a little bit forward and backward. [4:34] Data Privacy Day comes up on January 20th every year. All eyes turn to cyber. At RIMS, all eyes turn to Hilary because she is the cyber guru. Hilary thinks every day of the year is Data Privacy Day. [5:15] Hilary says, in the Year in Risk edition, they talked about 2025's Amazon Web Services outage, which took about 70,000 companies offline. It's a solid example of third-party risk and vendor security risks. [5:31] The economic impact of the outage was estimated to be in the billions of dollars, in terms of lost business and business interruption. Hilary said the AWS outage lasted about 16 hours. [5:53] It's a good reminder of vendor concentration risk in cloud services. The cloud services market has three major vendors; Amazon has about 30% of the market. If Amazon goes down, that's a significant number of clients who are at risk. [6:10] Hilary says insurers are not at real risk for this outage. A lot of cyber coverage has provisions for outages with waiting periods of eight to 12 hours. Your insurer might come in for the end of that situation, but most of it is on the insured. [6:38] For insurers and reinsurers, it was a pretty mild event. It's not going to cause huge changes in capacity or rates. It is a reminder that a lot of the risk is going to be on you, depending on the factors that are involved and the vendors that you pick. [6:58] There was also the Marks & Spencer ransomware incident that impacted their stores and online services. They sell about four million Great British pounds a day of products online. Their website was down for three months because of the ransomware event and recovery process. [7:29] Marks & Spencer had to go to pen and paper for in-store sales, and they operate hundreds of stores. It also caused inventory problems. It was a huge increase in waste because they didn't have ways of tracking or selling all of their inventory of food and other goods. [7:45] The cost to Marks & Spencer was estimated to be about three hundred million Great British pounds. [7:53] 2025 was a big year for cyber. Some other British retailers had some issues that have had retailers around the world taking note. [8:04] Morgan was interested in the Jaguar Land Rover case. Since Morgan was a child, he wanted a Jaguar for the hood ornament. If they're taken offline, how is Morgan ever going to get himself a Jaguar? [8:35] Hilary says, You and a lot of other customers, because they had to take all of their very automated production offline for a while. Parts and Sales were interrupted. They saw quarterly revenues drop around 24%, year-over-year, a difference of several hundred million pounds. [8:58] Morgan says it becomes a little bit the same. It doesn't mean that it's not important. It's one of those things we encounter with perpetual risks, whether it's disasters or cyber. [9:12] When they're always happening, they tend to get overlooked until some marquee event like an Amazon Web Services outage takes down a lot of people, or a company is taken offline for months and has to go back to pen and paper. That's not easy at large volumes. [9:38] The underlying current of the risks you have to deal with still needs to be a part of your day-to-day mitigation exercises.  [9:59] Hilary says The more things change, the more things stay the same. [10:18] Morgan says There is a broader perspective to everything. A risk is not just going to affect you; it's going to affect people down the line who are connected to your business. A cybersecurity event that happens over here is bound to have an impact on you, in some way. [10:35] Hilary says concentration risk is an increasing issue, and dependency is an issue. We have allowed some of the market players to become so large that the impact, if anything happens to them, is astounding. [10:50] There are advantages in having a large company as your vendor, but there's also a certain amount of instability in the lack of control you have in what's going on upstream. There's a lot that can happen downstream, to you. [11:26] Hilarity may attend a Black Hat conference this year. From that, she may see what is coming several years down the pike. [12:00] Justin says that AI is omnipresent. Regarding AI, in 2025, courts ruled on Fair Use. Multiple lawsuits were filed, and major settlements were reached. One lawsuit about scrubbing user data came from violating the Terms of Use, rather than copyright infringement. [12:44] Morgan says companies that use AI or are creating an AI should be looking at the emerging liabilities and governance challenges of AI. [12:55] There were a lot of cases. Two cases discussed in the Year in Risk 2025 were about Anthropic and Meta being sued by groups of authors. The courts ruled in both cases that if the AI made substantial changes to the material, they could use it under Fair Use. [13:32] The cases weren't definitive that you have an open free-for-all. Anthropic was guilty of using pirated materials from the authors to train its AI. Anthopic settled by paying $1.5 billion to the authors. The ruling was that you can use material that you get legally, by paying for it. [14:14] There are ways that the AI companies may be held accountable. There are 40 to 50 cases from every manner of media that may be adjudicated differently. It may come down to the sense of the case. There is some precedent set by one case. [14:36] Morgan says, from a content creator perspective, it's heartening that copyright is protected. Hilary says it's disheartening that larger companies like Disney have more negotiating power in what they allow AI to use, but smaller companies may not have as much power. [15:52] Morgan says the New York Times has licensed individual pieces for AI to use. [16:06] If the company creating AI doesn't have an agreement with a content creator, in a lot of court cases, the settlement ends up being a licensing agreement to use the content. [16:19] There's somewhat of an inevitability to the use of AI. You can't do anything about it, so you might as well get on board and get your piece. AI will take a little getting used to. [16:56] Morgan says their future coverage of AI will be less about the promise of AI and more about how to use AI responsibly in your business. What are the risks of AI in your business? [17:37] Everybody's doing it anyway, and risk depends on the level of fact-checking or information verification you are doing when you're putting together anything from an email to an R

    43 min

  5. 12/23/2025

    Year In Risk 2025 with Morgan O'Rourke and Hilary Tuttle

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this last episode of 2025, Justin interviews Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine on the most impactful risks of 2025 and what's expected in 2026. They discuss the difficulty of reporting on the rapid pace of risk change. Morgan and Hilary discuss the most impactful natural events of 2025: wildfires in California and Canada, Hurricane Melissa, and flooding. They discuss the economic risks posed by the unusual tariff changes in 2025 and how supply chains and inflation are affected. These risks are covered in the Q4 edition of RIMS Risk Management magazine online now.   Morgan and Hilary will return for the first episode of 2026, launching on January 5th.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. This is our final episode of 2025, and who better to spend it with than Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine? [:44] We will discuss some of the top risk management stories of 2025 and what they might mean for 2026. They will rejoin us for the first episode of 2026! But first… [:55] RIMS-CRMP and Some Prep Courses. The next virtual prep course will be held on January 14th and 15th, 2026. These are virtual courses. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:12] RIMS Virtual Workshops are coming up. On January 21st and 22nd, Chris Hansen returns to deliver the course, "Managing Worker Compensation, Employer's Liability and Employment Practices in the US". [1:26] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:38] RIMS members always enjoy deep discounts on the virtual workshops. [1:48] The RIMS-CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live virtual program that helps elevate your expertise and career in ERM. [2:01] You can enroll now for the next cohort, which will be held over 12 weeks from January through March of 2026. Registration closes on January 5th. Or Spring ahead and register for the cohort that will be held from April through June, 2026. Registration closes on April 6th. [2:20] Links to registration and enrollment are in this episode's show notes. [2:27] On with the show! The annual Year in Risk Review edition of RIMS Risk Management magazine is now available. Visit RMmagazine.com for more information. [2:39] I wanted to dive deeper into some of the pages and the stories that made major headlines in risk management this year. Morgan and Hilary are rejoining us as part of our annual tradition. [2:54] We're not just looking back; we're also going to talk about how these events should be some warning signs and provide some extra insight for risk managers around the world. [3:05] Interview! This is our final episode of the year, and we're going out with a bang with two of my favorite people! [3:12] Morgan O'Rourke and Hilary Tuttle, welcome back to RIMScast! [3:23] Justin saw Morgan and Hilary, just a month ago in Seattle, at the ERM Conference. Morgan says it was raining the whole time, but it was a good conference. It was well-attended, and everybody enjoyed themselves, and the attendees got a lot out of it. It was a great event! [3:51] Hilary also thought it was great! The turnout was fantastic! There was some great feedback on a lot of the sessions. There were some packed rooms! People seemed pleased with the programming. Hilary didn't see the sun until she left, but she enjoyed the city! [5:12] Morgan and Hilary's goal for attending the ERM Conference is to gather good ideas for articles. They look for presenters who might be good content contributors in other formats. They look to get a sense of what is new and what is emerging. [5:24] Morgan and Hilary talk to members about what they're seeing in practice and what's concerning to them. Morgan says if there's a packed room for a session, it's clearly a topic that's resonating, which bumps it to the top of the list of things to pursue, since there's interest in it. [6:17] Justin notes that Morgan's always there in the sessions with pen and paper. He's old school! [7:36] Morgan says the hardest part of reporting on risk is the breadth of the risks they cover. Everything has a lot more nuance and a lot more effect. This incident happened, which had 57 knock-on effects. [7:47] Morgan explains why distilling that down to something that makes sense in article form is a huge challenge and compares writing about risk to the experience risk managers have with everything they deal with. [8:10] Morgan says that, at the end of the year, spotlighting the year in risk coverage is a challenge. How do you get the entire economic, geopolitical situation down to 200 words? [8:37] Hilary says the velocity of change is a challenge when covering risk. Unlike in everyday news coverage, they have to add an amount of value or takeaways for a reader who is looking to do something about risk. Developing that value, at the speed of risk, is particularly challenging. [9:15] Hilary continues. Crises are compounded now. You can't ignore a lot of those factors that make a crisis a bad issue. Hilary cites hurricanes, rapid intensification, which is a knock-on effect of climate change, lax building codes, and people building more in certain regions. [9:38] Hilary says you have to add so many layers to explain why this crisis is happening now. It becomes a lot more challenging to figure out how it impacts insurance. You have to take into account different exclusions or the way the policies are created. There are a lot of moving parts. [10:04] Morgan says, It's not just your picture. It's the picture of your suppliers and your customers, who might be across the country or around the world. All of their risks become your risks or, at least, will impact your business. [10:33] Justin compliments the digital layout of RIMS Risk Manager magazine. He speaks of how Morgan and Hilary go to RIMS events looking for inspiration for content and content contributors. [11:05] Morgan says, We're only as good as the information we've learned through the people we've met, or what we've read. We're not practicing risk managers. Hearing from experts who deal with it every day is the strongest way to get good content that resonates with our readers. [12:17] Morgan says wildfires were probably the most costly insured loss of 2025. Hilary says that earthquakes were the most costly in terms of the loss of life. The LA fire was the largest single economic loss. There are lots of expensive homes in Southern California. [13:26] Canada has had wildfires raging almost non-stop for two or three years. Wildfires are no longer secondary perils. They're a prime source of loss. Severe convective storms, in the aggregate, probably caused more damage than wildfires this year. [14:04] Hilary says severe convective storms have been in the top 10 for seven out of the last 10 years. Morgan says this was one of the top convective storm years. In natural disasters, you're not looking just at hurricanes and earthquakes, but also fires, floods, and more. [14:32] Hilary talks about secondary factors, like tremendous wind events in California, increasing the rate at which fires spread, making containment difficult. Things were moving fast. A lot of buildings were burning. It took three weeks to put out two of the largest fires. [15:05] Canada faced different challenges. All but two provinces had record, above-average fire seasons. Some fires impacted remote areas where getting people out is logistically extremely difficult. Seventy-something First Nations communities had to be evacuated. [15:35] If you're dealing with areas that are largely only accessible by air, getting communities of people out for long periods is logistically very challenging, with a devastating human impact. They're very different fires. [15:52] Hilary says it was quite a year. Morgan ties it back to the impact of climate change. It starts with drought, and it's exacerbated by winds. Then you've got these weird things that pop up where Mother Nature says, Hey, I've got a weird twist for you! [16:13] Quick Break! RISKWORLD 2026 will be held from May 3rd through the 6th in Philadelphia, Pennsylvania. RISKWORLD attracts more than 10,000 risk professionals from across the globe. It's time to Connect, Cultivate, and Collaborate with them. Booth sales are open now! [16:35] General registration and speaker registration are also open right now! Marketplace and Hospitality badges will be available starting on March 3rd. Links are in this episode's show notes. [16:50] Let's Return to Our Interview with Morgan O'Rourke and Hilary Tuttle! [17:11] Some of the fires Canada experienced this year were zombie fires, also called holdover fires, or overwintering fires. They can live in the soil under the snow until it gets warm, the snow melts, and they reignite. Some of the fires of 2025 were started in 2023. [16:23] Hilary believes those holdover fires were in Saskatchewan, Manitoba, the Northwest Territories, and up North. Holdover fires are most common in the Arctic Circle. [18:43] Morgan and Hilary believe that's a good example of things that will happen more frequently with climate change, affecting a larger number of people than before. [19:15] Morgan says convective storms are tornadoes and thunderstorms. Hilary adds that it has to do with the pressure front that leads to forming them. Outbreaks of many tornadoes in a couple of days wreak havoc in the U.S. Midwest. [20:06] Morgan says the highest intensity of a tornado is EF5. There was an EF5 tornado in North Dakota for the first time in 10 years. It touched down in a place wh

    40 min

  6. 12/16/2025

    Risk Decision-making in 2026 with Joseph A. Milan, Ph.D.

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Joseph A. Milan, Ph.D., about the core philosophy or mindset for risk managers, the definition of acceptable risk, and how acceptable risk changes, depending on the organization's culture, strategy, or industry. Joseph shares his view on common mistakes and how biases can lead to gut decisions that are the least effective solutions. Justin and Joseph discuss Joseph's upcoming two-day virtual seminar, "Facilitating Risk-Based Decision Making", on March 4th and 5th, and how participants should prepare for it. Finally, Joseph shares closing thoughts for those in one-person risk departments. Listen for thoughts on how to keep the gut reaction out of decision-making.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. Our guest is Joseph Milan, Ph.D. You know him from the RIMS CRMP Insights Series. [:40] As one of our virtual instructors, he's here to discuss his own risk philosophies ahead of the RIMS Virtual Workshop on March 4th and 5th. He'll be leading "Facilitating Risk-Based Decision Making". But first… [:54] RIMS-CRMP and Some Exam Prep Courses. The next virtual prep course will be held on January 14th and 15th, 2026. These are virtual courses. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:12] RIMS Virtual Workshops are coming up. On January 21st and 22nd, Chris Hansen returns to deliver the course, "Managing Worker Compensation, Employer's Liability and Employment Practices in the US". [1:26] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:38] RIMS members always enjoy deep discounts on the virtual workshops. [1:48] The RIMS-CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live virtual program that helps elevate your expertise and career in ERM. [2:00] You can enroll now for the next cohort, which will be held over 12 weeks from January to March of 2026. Registration closes on January 5th. Or Spring ahead and register for the cohort that will be held from April to June, 2026. Registration closes on April 6th. [2:20] Links to registration and enrollment are in this episode's show notes. [2:25] On with the show! Today, we will discuss facilitating risk-based decision-making with our friend Joseph Milan, Ph.D. He is the Principal at J.A. Milan & Associates and is also an Adjunct Professor at the University of Colorado. [2:43] He is a RIMS CRMP Commissioner. You get a lot of his insights from the RIMS CRMP Insights Series. A link is in this episode's show notes. In this dialog, we will get a preview of his upcoming workshop, "Facilitating Risk-Based Decision Making", on March 4th and 5th. [3:02] But we're really going to get into Joe's risk philosophies, which are the sorts of things the RIMScast audience can use as they develop their careers and as they move into higher positions, ascend the corporate ladder, or become a department of one. [3:20] Interview! I've known him for years, and I'm so glad to finally be saying… [3:22] Joseph Milan, welcome to RIMScast! [3:41] Justin notes that he and Joseph have recorded so many things through the years, but not RIMScast. Joseph says it's great to be back with Justin, and on this medium, and he looks forward to sharing more information with Justin and all the RIMS members. [4:21] Joseph shares his RIMS history. It started in the olden times of 2005 when he got involved in a committee Carol Fox set up, called at the time the ERM Development Committee, now known as the RIMS Strategic and Enterprise Risk Management Council. [4:46] Then Joseph started helping with curriculum development and in-person professional development, before COVID. [4:58] After COVID, Joseph has been involved not only in delivering seminars but, as a commission member for the RIMS-CRMP, helped develop that curriculum and governance structure. Joseph has been involved with RIMS in different ways over the years. [5:12] There's a good chance that someone listening to this podcast will think, Hey, I know that guy! I recognize that voice! [5:26] Joseph is an Adjunct Professor at the University of Colorado, Denver. He's been active in the Risk Consulting Space since 2008, doing projects that range from simple commercial insurance placements to complex ERM implementations. He brings a unique perspective. [6:02] Joseph teaches at the University of Colorado Business School. He helped develop a course on Enterprise Risk Management. ERM is truly becoming a mature discipline. Joseph thinks RIMS is establishing a global presence for ERM. Justin credits Joseph, in part, for that. [7:05] When Justin saw that Joseph was going to host a two-day workshop, March 5th and 6th, "Facilitating Risk-Based Decision Making", he said, Let's get Joe on the show and end 2025 with a great interview with him. [7:38] Joseph says the course is, in many ways, the pinnacle of risk management as a discipline. If we think about the domains and components of the RIMS-CRMP, the fifth domain within the CRMP is about supporting risk-based decision-making. [8:06] This is a two-day seminar that takes a deep dive into that space. Joseph says it's the most fun, advanced, and interactive. It's the task that requires the best blend between the technical and the so-called soft skills. It's really exciting. Joseph is looking forward to it. [8:28] Joseph hopes a lot of the audience listening to this podcast will take enough of an interest to spend the 14 or 15 hours — it seems like a lot, but it goes fast! There are breaks. [8:52] When Joseph leads a course, he takes questions live. His approach is dynamic and flexible in terms of making sure that people get what they expect from the seminar. [9:05] Joseph says crunching numbers is super important. The assumption for this seminar is that these are advanced practitioners who can do number crunching or hire somebody to do it. The number crunching is important because it sets the foundation for control limits. [9:23] Number crunching sets the foundation for being able to answer questions about risk philosophy. [9:34] Core philosophy is risk philosophy. Risk philosophy comes from definitions of risk appetite and risk tolerance, and being able to operationalize those definitions in simple statements, in plain language, tied to the control limits that come from the number crunching. [10:00] With a good amount of work, within any organization, a risk professional and a team of people dedicated to risk and ERM should be able to put those definitions into action. [10:31] In the context of an advanced risk management or ERM seminar, when we talk about risk, it's always also about opportunity. [10:46] The simplest definition of acceptable risk is that which fits within the risk philosophy of the organization, within risk appetite and risk tolerance, and supports the organization in terms of its pursuit of objectives. [11:04] It's almost always about higher profitability, more money in for-profit companies. Non-profit companies describe it differently. Maybe it's focusing on providing more service, which is a proxy for getting more money. [11:19] It's about remaining a going concern and achieving goals. That's the simple definition: fitting within risk appetite and risk tolerance. [11:52] Joseph says it's constantly about finding balance. It's not just about the most influential senior leader, the risk leader, or the ERM leader. [12:05] It's also about the risk owners within the organization and how they fit into the strategic direction of the organization: growth vs. stability. Maybe it's an organization in distress and is focusing on retrenchment and building up a balance sheet to be able to redirect itself. [12:27] It's in that space that a lot of times, there is an unintentional lack of organizational risk competency. That can contribute to not just conflict, but also misunderstandings about what's acceptable, in terms of taking on risk in pursuit of objectives. [12:49] Communication is something we focus on in the seminar "Facilitating Risk-Based Decision Making" quite a bit. [12:58] It is in the soft space of actively listening and identifying triggers in terms of perception of risk that have a huge impact on the decisions that an organization takes in risk and opportunity. It is challenging and time-consuming, but done correctly, it's super worthwhile! [13:27] Quick Break! RISKWORLD 2026 will be held from May 3rd through the 6th in Philadelphia, Pennsylvania. RISKWORLD attracts more than 10,000 risk professionals from across the globe. It's time to Connect, Cultivate, and Collaborate with them. Booth sales are open now! [13:49] General registration and speaker registration are also open right now! Marketplace and Hospitality badges will be available starting on March 3rd. Links are in this episode's show notes. [14:04] Let's Return to Our Interview with Joseph Milan! [14:14] Joseph Milan will be hosting a workshop, "Facilitating Risk-Based Decision Making", on March 4th and 5th. Registration closes March 3rd. Justin says there is nobody better than Joseph to host this RIMS workshop. Joseph has a wide range of experience. [15:14] A risk practitioner may focus more on the traditional space, insurance. Joseph says ERM will not supersede traditional risk management. [16:06] A common mistake is that risk practitioners tend to get distracted by what they think are big numbers, but which pale in comparison to the big picture on the balance sheet. [16:36] A good solution to that mistake is to find influential people in the organization who are plugged into financial planning, analysis, and bud

    35 min

  7. 12/09/2025

    The Evolving Role of the Risk Analyst

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Andréia Stephenson, BSc SIRM, Enterprise Risk Analyst at London Metal Exchange, about her shift from a Bachelor of Science in biology to a risk analyst and risk professional. Andréia speaks of her passion for data and the importance of communicating at all levels of your organization. She regards working for different organizations with good leaders as a way to learn risk frameworks and gain foundational knowledge. She shares views on how risk analysts can influence risk culture. She also tells how she uses AI as an assistant. Listen for thoughts on building a risk-aware culture by asking leaders the right questions.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. Our guest today is Andréia Stephenson, BSc SIRM, Enterprise Risk Analyst at London Metal Exchange. She will discuss her career and the evolving role of the Risk Analyst. But first… [:43] RIMS-CRMP and Some Exam Prep Courses. From December 15 through the 18th, CBCP and RIMS will present the RIMS-CRMP Exam Prep Boot Camp. [:53] Another virtual course will be held on January 14th and 15th, 2026. These are virtual courses. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:07] During the interview with Andréia, you will hear her reference the RIMS CRO Certificate Program in Advanced Enterprise Risk Management, which is hosted by the famous James Lam. Andréia is an alum of the program. [1:23] You can enroll now for the next cohort, which will be held over 12 weeks, from January through March of 2026. Registration closes on January 5th. Or Spring ahead and register for the cohort held from April through June of 2026. Registration closes on April 6th. [1:39] Links to registration and enrollment are in this episode's show notes. [1:46] Justin shares that RIMS suffered a tremendous loss in December. Chief Membership Experience Officer, Leslie Whittet, with RIMS for almost three years, tragically passed away due to injuries she sustained in an accident. She was walking her dog when she was struck by a truck. [2:18] Some of the RIMS staff, including CEO Gary LaBranche, knew Leslie from years prior. We are all shocked and saddened. Leslie was a remarkable association leader with 30 years of experience. [2:33] Gary LaBranche had the privilege of working alongside Leslie Whittet at the Association for Corporate Growth for nine years. For the last three years, Justin has had the pleasure of working with her at various RIMS events and seeing her weekly on our remote calls. [2:50] Leslie was always a source of positivity, inspiration, and creativity. She was just a wonderful person who will be deeply missed. Her memory is certainly a blessing. [3:03] RIMS will celebrate her memory at the Chapter Leadership Forum in Orlando in January. If you have any questions, please contact Josh Salter, jsalter@RIMS.org. Tributes are pouring in on LinkedIn and various networking groups. [3:22] If you have memories and photos you'd like to share, we encourage you to do so to honor her memory. [3:29] It wasn't easy to speak these words or read them, so I want to take a brief moment of silence to honor Leslie before we go any further. [3:44] On with the show! Our guest today is Andréia Stephenson. She comes to us all the way from London, where she's an Enterprise Risk Analyst for the London Metal Exchange. [3:57] You may know her a little bit from some promotional videos we've done on social media, promoting the James Lam CRO Certificate Course. In getting to know her, I was struck by how enthusiastic she was about her role as a Risk Analyst for years. [4:14] Many risk professionals begin as risk analysts; others, like Andréia, can make a thriving career of it. She's here to share some tips on how to do that, where ERM fits into the mix, and where she believes the role of the risk analyst will be going in the near future. Let's get started… [4:36] Interview! Andréia Stephenson, welcome to RIMScast! [4:47] Andréia may sound familiar to you because she did a testimonial on LinkedIn for RIMS for the James Lam CRO Certificate course. Justin says she was great to work with. That's how she and Justin met, and that's why she's here. [5:19] Justin notes that his voice is lower from "shouting" during the ERM Conference. Andréia looks forward to the RIMS ERM Conference 2026. [6:09] Andréia shares an overview of her career. She started at O.R.X., an operational risk data exchange association, where she learned all the principles of risk management. It gave her a strong background in operational risk. [6:36] From there, she went to London to go into a second-line risk management function as an analyst at a wealth management investment firm, then she went to a small investment bank, then to another wealth management firm, and now, to the London Metal Exchange. [7:00] They were all analyst roles, primarily operational risk, but also enterprise risk management. Risk has been part of her life for the last 10 years. The foundation was set by O.R.X. She holds the company close to her heart. [7:28] Andréia loves data. It's incredibly important for driving analysis. She says any analyst who doesn't love data is not an analyst! Data structure and data quality are very important for risk analysis, or any analysis. You need to love data to be able to do good risk management. [8:13] Andréia says that working in different organizations is important for risk management. It helps you connect the dots between the components of a risk management framework. [8:28] When Andréia started at O.R.X., she understood all the components, but she didn't join the dots until she went into the industry, hands-on, in the deep end, trying to figure out an RCSA, a KRI, or a KPI. Then, all the components of risk management started to make a bit more sense. [8:53] Andréia has always been fortunate to have worked with several exceptional leaders, each of whom had a kind of superpower in risk management that influenced her approach and understanding of risk. [9:07] Andréia's first manager at O.R.X. was tough and meticulous. She had a deep understanding of corporate governance and the boundaries between the risk types: strategic, financial, and non-financial. [9:22] At the time, Andréia didn't really appreciate how valuable the discipline was. She didn't understand yet. In hindsight, it gave her a strong foundation. Another CRO she worked with taught her the importance of communication in risk. [9:46] Aside from his technical ability, he understood stakeholder management at every level of the organization and how to translate the risk concepts for different audiences and build alignment. [10:00] Then she had a head of risk who was incredible with data, with an exceptional ability to quantify risk using analytics and evidence. Having a science degree, numbers were not Andréia's strongest area, but working with someone who pushed her helped her to become stronger. [10:25] Andréia thinks that working in risk in different organizations can help you build those thoughts. [10:32] Andréia has a Bachelor of Science degree in biology from the University of Bath in England. She's happy she decided not to pursue biology and took the risk road, instead. [10:55] Justin tells of recently having Kellee Ann Richards-St. Clair on the show. She's on the RIMS Strategic and Enterprise Risk Management Council. Kellee Ann started in Chemistry.l She moved into Energy and Power and became the de facto ERM Manager for her organization. [11:15] Kellee Ann and Andréia channelled other areas of knowledge to apply them to risk. For Andréia, the statistical side of biology has been helpful in risk management. James Lam states in his CRO Certificate program that risk is probability and statistics. Risk management isn't easy. [12:19] Andréia believes that legacy tools and practices fall short when they are disconnected from the organization's purpose, vision, mission, and strategic objectives. GRC systems have different modules: an RCSA module, a budding issue module, and an incident module. [12:49] Andréia hasn't seen a system that can connect the dots well. Risk practitioners don't always know how to connect the dots, either. An RCSA becomes isolated from the risk itself because people don't understand the context of those risks. [13:17] Working with business senior leaders to understand the context of your organization will help you to provide more valuable use of those tools and practices. [13:32] Andréia explains RCSA. It stands for Risk and Control Self-Assessment. It's a thought process. You sit down to understand what's most important to you, how much you care about it, and what you have in place to protect what's most important to you. [13:55] Andréia says the way we try to document that thought process is quite heavy. The industry requires that process to be complicated. Andréia recommends simplifying it. [14:20] To simplify it, have a process that's more sensible. The industry requires you to do assessments for inherent risk and residual risk. First, determine if a risk is important to you. If it's not important, why are you assessing it? [15:09] Andréia thinks the industry makes it difficult by requiring organizations to assess risks in a certain way, when it doesn't actually make sense. Managers have to have the courage to say it doesn't make sense for the organization, let's try a simpler approach. [15:34] Andréia uses screens, but sometimes pen and paper will do. Having that brainstorming session with the business really helps in trying to understand the purpose of what you do for your organization and where you fit in the strategic purpose of the firm. [15:51] What is most important to you, as

    30 min

  8. 12/02/2025

    Presilience and Cognitive Biases with Dr. Gav Schneider and Shreen Williams

    Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews two guests who presented at the RIMS ERM Conference 2025 in Seattle, Washington. First, Dr. Gav Schneider, Group CEO Risk 2 Solution Group and Founder, Institute of Presilience Risk 2 Solution, and second, Shreen Williams, Founder & CEO, Risky Business SW, LLC, and a member of the RIMS Rising Risk Professional Advisory Group. Dr. Schneider explained the meaning of Presilience and risk intelligence in ERM. Shreen Williams discussed the cognitive biases that can be mitigated through the six stages of an ERM Framework. Listen for insights into implementing an ERM Framework in your organization.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. Our interviews were recorded live on site at the RIMS ERM Conference 2025 in Seattle. Our guests are Dr. Gav Schneider and Shreen Williams. We're going to have fun in this episode! But first… [:48] The next Virtual RIMS-CRMP Exam Prep will be held on December 9th and 10th. From December 15 through the 18th CBCP and RIMS will present the RIMS-CRMP Exam Prep Boot Camp. [1:05] Another virtual course will be held on January 14th and 15th, 2026. These are virtual courses. Links to these courses can be found through the Certifications page of RIMS.org and through this episode's show notes. [1:18] RIMS Virtual Workshops! "Managing Data for ERM" will be led again by Pat Saporito. That session will start on December 11th. Registration closes on December 10th. RIMS members always enjoy deep discounts on the virtual workshops. [1:37] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:48] The RIMS CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live, virtual program that helps elevate your expertise and career in ERM. [2:01] You can enroll now for the next cohort, which will be held over 12 weeks from January through March of 2026. Registration closes on January 5th. Or Spring ahead and register for the cohort held from April through June of 2026. Registration closes on April 6th. [2:21] Links to registration and enrollment are in this episode's show notes. [2:25] This episode was recorded at the RIMS ERM Conference 2025. We've covered a lot of ERM ground in the last few episodes, and for those who want to catch up, I've included a link to the RIMS ERM Special Digital Edition of Risk Management magazine in this episode's notes. [2:49] RIMScast ERM coverage is linked as well. Enhance your ERM knowledge with RIMS. [2:54] On with the show! We are following up last week's episode with ERM Global Award of Distinction winner Sadig Hajiyev by featuring interviews with two of the presenters who appeared at the RIMS ERM Conference, Dr. Gav Schneider and Shreen Williams. [3:12] Long-time RIMScast listeners may remember Dr. Gav Schneider from an episode in November of 2023. We were delighted that he made the trip all the way from Australia to join us at the ERM Conference in Seattle. [3:27] Dr. Gav is the Group CEO at Risk2Solution Group and the Founder of the Institute of Presilience. The title of his session on November 17th was "Embedding Presilience and Risk Intelligence into ERM." This harkens back to his prior episode about wicked problems. [3:45] We're going to start there and discuss how presilience takes that thinking to the next level for ERM leaders, and we're going to get some of his risk philosophies and have a great time. Let's get to it! [3:56] Interview! Dr. Gav Schneider, welcome back to RIMScast! [4:24] Dr. Schneider is here at the RIMS ERM Conference for the first time. It's the second-highest-attended ERM Conference in RIMS history. His session, later today, is called "Embedding Presilience and Risk Intelligence into ERM." [4:54] On Dr. Schneider's last visit to RIMScast, he talked about wicked problems. How does presilience take that mindset and thinking to the next level for ERM? [5:08] Dr. Schneider says the core idea of ERM is about getting scalable decision-making, recording, and outcomes, in terms of risk, for your organization. More and more, our organizations are facing these wicked problems. [5:25] We can't function anymore in a world of absolutes. When we plug risk intelligence into the way we think, act, and plan, we become adaptive. We also become opportunity-centric. [5:37] A wicked problem is not easily solved. When you implement a solution, it often leads to more problems. You have to be able to learn. If you can't learn, you can't adapt. [6:17] What are the core components of the Presilience Framework? Dr. Schneider says, simplistically, we think about tackling risk at three levels: the self, the team, and the organization. Then we overlay that with people and process, connected through leadership. [6:34] To make that work, we have to develop a set of core attributes: situational awareness, critical thinking, enhanced decision-making, effective and directive coms, the ability to act and enact, and the ability to learn and grow. [6:46] When you can plug that into your architecture, leveraging insight, hindsight, and foresight, you then can make the right calls about whether or not to do something. It becomes an overlay model for most ERM-type structures, where we can plug the human piece into the system. [7:15] Dr. Schneider says the core aim of ERM turns risk management into a team sport, with everyone across an organization reporting, collaborating, and understanding to make great decisions about where the organization is and where it's going, not where we think it is. [7:32] To do that, we need to plug certain things into the ecosystem of the organization, some of which are policies, procedures, and tech. Most ERM experts do that. The piece that we've ignored is the human part, because it's hard. [7:49] Dr. Schneider has compiled The Organizational Risk Culture Standard. It took about nine months of work. It was a thorough process. Five experts wrote it, 15 peers reviewed it, and 11 organizations have approved it, endorsed it, and are supporting it. [8:09] For years, Dr. Schneider had heard that organizations would not focus on human-centricities that they couldn't measure. [8:17] Dr. Schneider's framework has 10 domains with a maturity model that aligns beautifully with RIMS's ERM Model. It's built to encapsulate and incorporate ISO 31000 and COSO. Dr. Schnieider has just released it, free to download. [8:39] Dr. Schneider is excited about presenting his session in a couple of hours. Everyone tells him that the RIMS ERM Conference is the sharp end of the spear, with the smartest risk people. The session is "Embedding Presilience and Risk Intelligence into ERM." [9:10] Session attendees will learn about risk intelligence. Dr. Schneider's definition is an applied attribute or living skill that enables you to seize upside opportunities while you manage potential negative outcomes. [9:44] When you speak of risk intelligence as a living skill and applied attribute, it becomes an ability to scale great decision-making. You want risk-intelligent people, working in risk-intelligent teams, empowered and structured into a risk-intelligent organization. [10:18] Dr. Schneider says if we can't get those three layers to integrate and work together, you get frustrated stakeholders. Get your ERM team working to get everyone to understand the basics of risk reporting, using the metrics, and sharing information. [10:33] Justin compares it to the gears in a watch. Dr. Schneider agrees; there's not one moving piece, it's a complex ecosystem in most organizations because humans are complex. We're relying on tech and on variables we don't control. [10:46] Dr. Schneider says, in the conference, everyone's accepted how disruptive the current climate is, how difficult it is to forecast, and how uncertainty and volatility are dominating. [10:59] With that in mind, we've got to think of it differently. You can't force people to adopt a system and think it will work. If you want to get a high-performance culture, ERM is an incredibly useful tool, but only if people want it, like it, want to use it, and understand the benefit it adds. [11:17] Dr. Schneider thinks ERM is going to take a massive leap forward because of generative AI and because we've done well in process-based risk management. There are models, standards, and tools we can reference on how to do this. [11:32] Why most organizations fail is that people don't understand people and the drivers people have. The one thing that Dr. Schneider would love people to take away from his session is that "I have to start with me." [11:43] Dr. Schneider continues. If I'm trying to get people to do something, I need to understand the voice in my head, what's coming out of my mouth, and what my actions are. If I can't control that, what makes me think I'm going to change organizational culture? [11:54] It starts with me. Then I can move to us, and we can get this high-performing risk team. If I can get a high-performing risk team, now we are ready to take it through the organization. We can be the real value-add. [12:06] The risk departments of the future are not going to be what they were or what they are now. They're not going to be compliance departments anymore. [12:14] Risk departments of the future are going to be insight, hindsight, and foresight departments. They're going to create understanding of what's happened, what's happening, and what we need to do to capitalize on opportunity, while we manage downside. [12:34] Dr. Schneider points out that if we're looking at the same thing, we see something different. That's great for managing bias, but terrible if we can't align because we'll each think we're ri

    26 min
See All (100)

Ratings & Reviews

4.6
out of 5
12 Ratings

About

The official podcast of RIMS, the Risk and Insurance Management Society. Tune in for weekly discussions about risk management hot topics, interviews with leaders in the profession, and updates on RIMS events and education.

Information

  • Creator
    The Risk and Insurance Management Society, Inc.
  • Years Active
    2018 - 2026
  • Episodes
    100
  • Rating
    Clean
  • Copyright
    © All content in RIMScast is the exclusive copyright of The Risk and Insurance Management Society, Inc. (RIMS)
  • Show Website
    RIMScast

You Might Also Like