One step at a time… Photo by Jukan Tateisi on Unsplash

I received an email a few years ago from someone just getting started in risk management asking if I had any thoughts or advice on the risk management skills they needed. The response quickly became several pages long and I thought it was worth turning it into a blog piece…

Photo by Jon Tyson on Unsplash

Becoming a risk manager can seem to be more art than science. There’s not a clear pathway from degree to junior risk manager to senior risk manager to CRO (Chief Risk Officer) in the same way that you can chart the progress from freshly minted CPA (Certified Public Accountant) to…

Original image by Terry on Unsplash

Security is a guiding principle for DCDR, and protecting user data has been baked in from the start. However, there’s more to data security than restricting access and managing user permissions. I’ve used the INFOSEC abbreviation CIA — confidentiality, integrity, and availability — as a guide to help determine the…

Author illustration from Canva

Googling ‘what is a risk manager?’ will get you variations on ‘it’s the person who manages that organization’s risks,’ which is a pretty weak answer. It’s certainly not enough to help anyone who’s just starting in the role to understand what they’re supposed to do. …

Photo by Taisiia Shestopal on Unsplash

This is a very short post which should work because it’s a very simple idea. Obviously, I’m a fan of simple ( this is KISS risk management after all) but, as with lots of simple ideas, the trick is sticking to the idea and seeing it through without getting distracted.

Photo by Anne Nygård on Unsplash

How can you spot the point where a risk — a thing that could occur — becomes an event that is occurring? I’d argue that you don’t need to identify the specific point of change, and you’ll waste valuable time trying to spot the exact moment of transition. …

Author image based on the works of Turner, Toft and Reynolds

Seven takeaways from reviewing my degree notes.

I looked back at some of my degree notes the other day and came across something I’ve been meaning to work on for a long time. (By long time, I mean about 10 years*.)

It’s based on two concepts. First, the work that Brian Toft, Simon Reynolds and Barry Turner…

Putting in the miles, Wadi Rum, Jordan (author image and shadow)

I realized a while back that it can be too easy to mistake ‘simple’ with ‘easy’ and I’ve been concerned that promoting a simple approach to risk management might lead people to think that this makes everything easy. Unfortunately, even though a KISS approach makes risk management easier, it doesn’t…

Photo by Ryan Quintal on Unsplash

Sometimes, you just need to pick up other people’s slack

As risk managers, we spend a lot of time working out how to get things done.

After all, the risk assessment is just the start of the process. …

Photo by Lucas van Oort on Unsplash

How to become more proactive

Many people have a few smoke alarms dotted around their house and, to me, these are some of the most straightforward set-it-and-forget-it risk management tools you can get. You set these up and then…nothing. …

Andrew Sheves

I’m an analogue operator in a digital environment who thinks simplification = optimization. I build and share risk management tools at

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store