Loading Events

« All Events

  • This event has passed.

Info Sharing Session: Building a Risk Aware Culture For Success

28 June, 2018


28 June, 2018

Building a Risk Aware Culture for Success

Presented by Mira Butler, Managing Director, Mira Consulting

Thank you very much Mira for your enlightening presentation at our BarnOwl info sharing event held at the BarnOwl offices in Bryanston on the 28th June 2018.

C:\Users\cheryl.heine\Desktop\20180628_085451.jpg C:\Users\cheryl.heine\Desktop\20180628_084133.jpg


Enhance your organisation’s ability to effectively manage uncertainty. Today’s business world is constantly changing. It’s unpredictable, volatile, and seems to become more complex every day- by its very nature, it is fraught with risk.


Enterprise risk management is a comprehensive, systematic approach for helping the organisation to identify, measure, prioritise and respond to the risks challenging its most critical objectives and related projects, initiatives and day-today operating practices. But, does your organisational culture reinforce your strategy and help you take the right decisions on risks?


Mira’s session explored ways in which to create a culture that re-enforces risk management as value adding and not a ‘tick box’ compliance exercise.

It’s up to us as Risk Managers

Risk Management is about working alongside the business to help them achieve their objectives and strategy but where we as risk practitioners often fall short is that we fixate on the policy, framework and the process of risk management rather than how we can add value resulting in risk management becoming a ‘tick box’ exercise and reactive rather than proactive. It’s how we approach our organisation and how we instil risk management within our organisation that matters!

Behavioural change

  • For organisations to manage their risks and meet their strategic objectives, the behavioural element has to change and the way we behave affects how we manage risk.
  • An integrated set of relationships influence risk culture: Individual level including personal perception to risk and personal ethics; Organisational culture including Sociability (people are doing things for each other because they want to) and Solidarity (high task focus, common tasks, shared goals and mutual benefits)
  • The IRM proposes a simple A-B-C approach to risk culture:
    • Risk attitude (position adopted by employees towards risk which is influenced by their perception and predisposition)
    • Risk behaviour (risk-related actions, decision-making, processes and communication) and
    • Risk culture (values, beliefs, attitudes and knowledge about risk)

C:\Users\cheryl.heine\Desktop\20180628_083923.jpg C:\Users\cheryl.heine\Desktop\20180628_083835.jpg

Changing the Risk Culture

  • The culture change should be treated as a change management project in its own right with appropriate allocation of board time and resources
  • Successful change requires awareness that the board itself, and the Executive management are an integral part of the existing risk culture
  • Sustained change in the risk culture needs to start at the top

Elements of good risk culture

  • Distinct and consistent tone from the top
  • Commitment to ethical principles
  • Clear accountability and ownership for risks
  • Transparent risk information communicated without fear or blame
  • Processes and activities within an organisation must be clearly understood
  • Appropriate risk behaviours- encouraged and understood
  • Inappropriate behaviours- challenged and sanctioned
  • Risk management skills and values valued and correctly resourced
  • Status quo challenged
  • Employee engagement and people strategy

Impact of inappropriate risk culture

  • Hamper the achievement of strategic, tactical or operational goals
  • Allow for activities that are at odds with policies or procedures
  • Could lead to reputational and financial damage
  • Often the root cause of organisational scandals and collapses
  • Lead to uncontrolled risk taking- risk frameworks and policies that stifle risk-taking or innovation

In Summary

Risk frameworks and polices are important however they are not sufficient in themselves. What is essential is the behavioural element; how people behave in an organisation and how they react and perceive risk. It is also essential for risk practitioners to engage with business as trusted advisors adding value to strategic and operational decision making. Get buy in from the top and build trust, build rapport, have conversations; explain the ‘why’ you need risk management and the ‘how’ becomes easier. Risk management is a day to day activity and needs to be instilled in the organisation. Optimal decision making is about balancing risk and reward successfully.

Once again thank you Mira for your time and for your informative presentation. You can download Mira’s presentation here and view a video recording of the info sharing session here.

C:\Users\cheryl.heine\Desktop\20180628_083523.jpg C:\Users\cheryl.heine\Desktop\20180628_084244.jpg

Written by: Jonathan Crisp

Director – BarnOwl GRC and Audit software

About Mira Butler:

Mira Butler has over seven years of Risk Management experience in the corporate environment. Mira’s area of focus is in Enterprise Risk Management (ERM), working with companies to establish risk governance and enhance ERM processes through identification, analysis and management of enterprise-wide and operational risks.

About BarnOwl:

BarnOwl is a fully integrated governance, risk management, compliance and audit software solution used by over 200 organisations in Africa, Australasia, Europe and the UK. BarnOwl is a locally developed software solution and is the preferred risk management solution for the South African public sector supporting the National Treasury risk framework.

See www.barnowl.co.za

Subscribe to BarnOwl's Information Portal

Subscribe to BarnOwl’s information portal today and receive our monthly newsletter with the latest GRC and audit insights, industry updates, priority access to exclusive events, tip of the month and more straight to your inbox!


GRCReady is the official provider of risk management content for the BarnOwl GRC software solution. GRCReady provides extensive risk libraries and risk maturity checklists/surveys which are integrated with BarnOwl.

GRCReady, based in Australia, offers a comprehensive and holistic library of products and associated services including templates, policies, procedures, guidelines, checklists etc. to help owners and directors of SMEs, startups and corporates to satisfy their corporate governance, risk management and regulatory compliance needs.

By integrating GRCReady's rich content libraries into BarnOwl's GRC software, we are able to offer our clients a state of the art, turnkey GRC solution.

GRCReady provides, arguably, the most comprehensive risk and governance maturity assessment framework with detailed steps and artefacts. BarnOwl's survey and action plan portal provides a simple and effective way to monitor and report on your current state of risk maturity and suggest and drive remedial action plans to take you to your desired state of risk and governance and maturity.

By integrating GRCReady's risk libraries with the BarnOwl GRC software, means that you don't have to start from scratch. In addition, ongoing updates and insights keep you informed and up-to-date on best practices.



Season Rhyrhm is BarnOwl's preferred partner in Botswana assisting with BarnOwl implementations, support services and client relationship management.

Season Rhythm is an established and distinguished player in the ICT sector in Botswana, specialising in a range of cutting-edge solutions. Season Rhythm leverages BarnOwl to provide tailored GRC&A services to businesses in Botswana facilitating:

  • Governance: Enabling organisations to establish and uphold effective governance structures, ensuring transparency and accountability in decision making processes.
  • Risk Management: Equipping businesses with tools to identify, assess and mitigate risks, safeguarding against potential threats and ensuring continuity in a business environment.
  • Compliance: Ensuring adherence to regulatory frameworks and industry standards, protecting businesses from non-compliance penalties and fostering trust among stakeholders.
  • Audit: Streamling the audit process with comprehensive tools for planning, execution and reporting, driving efficiency and accuracy in internal audit and compliance assessments.
  • www.sr.co.bw/ict


BarnOwl works closely with NSA in the field of GRC and assurance.

NSA is an education and risk & assurance advisory services provider, consisting of a team of professional consultants and facilitators who have been hand-picked on experience and expertise. NSA services include:

  • Strategic intervention: 30 expert consultants facilitating strategic planning, combined assurance, effective governance and risk management assignments.
  • Continuous professional development: CPD training for internal auditors, external auditors, accountants, risk managers, government officials, and psychologists.
  • Online learning: accredited training for the local government sector, including the Municipal Financial Management Program and Supply Chain Management.
  • Online skills development: skills in demand for 2030, including cybersecurity, Protection of Personal Information, Artificial Intelligence, Robotics and programming.

BarnOwl and NSA work closely with our clients to align and enable best practice GRC and assurance framework & methodologies within BarnOwl. NSA regularly presents online information sharing sessions together with BarOwl.



Nico Technologies is BarnOwl's preferred partner in Malawi assisting with BarnOwl implementations, support services and client relationship management.

Nico Technologies Limited is an established IT products and services provider in Malawi, specialising in managed IT services, IT infrastructure services, IT project management, digital solutions, digital transformation and IT advisory.

Nico Technologies uses BarnOwl extensively within their own organisation to automate and manage their own risk and compliance functions.



Morgan Solus is BarnOwl's preferred business continuity specialist consulting firm with its 'BCM toolkit' software. BarnOwl GRC together with the BCM toolkit, provides a comprehensive risk management and BCM software solution.

Morgan Solus is a specialist consultancy firm focusing on risk, resilience and continuity. Morgan Solus's core services are centred on resilience, crisis management, business continuity (BCM), IT services continuity and disaster recovery (DRP) and training.

The BCM toolkit ensures a consistent approach to implementing BCM and IT disaster recover and cuts down implementation timelines by 60% whilst driving up successful outcomes.

BarnOwl's extensive GRC and assurance functionally coupled with Morgan Solus's BCM toolkit provide the ultimate risk management and BCM software solution.



Arbutus Analytics is Barnowl's preferred data analytics software. BarnOwl GRC integrated with Arbutus Analytics, provides the ultimate in continuous risk monitoring.

Arbutus Analyzer is a powerful data access and analysis solution specifically developed for auditors, business analysts, and fraud investigators. Its robust performance and user-friendly features offer you the ability to access and analyse data quickly and simply.

BarnOwl GRC, integrated with the real-time metrics from Arbutus provides a strategic early warning system driving preventative and predictive capability facilitating effective business decision making business improvement.

www.arbutussoftware.com with local sub-sahara African distributor www.betasoftware.co.za


Barnowl works closely with Pax Resilience in the field of GRC and sustainability.

Pax Resilience offers solutions in risk, resilience and cyber security. Pax Resilience strive to create peace of mind by assisting you to build the resilience in your organisation so essential to survive and thrive in the volatile, uncertain, complex and ambiguous world we live in.

Pax Resilience regularly presents online information sharing sessions together with Barnowl.



Paige Law is the official provider of compliance content for the Barnowl GRC software solution. Paige Law provides an extensive Library of South African acts including provisions [CRMPs] and checklists which are integrated with Barnowl.

Paige Law specialises in compliance, Commercial Law, Legal process consultancy, managed legal services and POPIA/ GDPR.


Registered Address

75 Malibongwe Drive
Linden Ext
South Africa

Postal Address

PO BOX 3009


+27 (0) 11 540 9100


More Information: info@barnowl.co.za
Product Support: support@barnowl.co.za

Let Us Contact You
Let Us Contact You
I grant BarnOwl permission to contact me for marketing purposes*
*You will receive BarnOwl monthly newsletters & invitations to online events. You can unsubscribe at any time.


If you need assistance with your BarnOwl software, there are three channels available to you:



You will be emailed a ticket number from our issue tracking system and your request will be managed in
this ticket until it is completed.


You can view all your existing tickets or create new ones.


+27 (0) 11 540 9112
to speak to a support consultant

Let Support Contact You
Let Support Contact You