top of page




When change occurs, risks and opportunities increase.  The first step in managing change is to create awareness.  


What is the magnitude of the change and whom will it impact? 


The next step requires an assessment of risks and opportunities related to the change.  Checklists are a good tool to use to complete assessments.  We have some sample online checklists related to change management that we can provide to you.  


Some of the change management steps may require training to accomplish.  We can help you to identify which training courses will help to facilitate your change management efforts.  


Below we have some examples of how training and checklists can help to align appropriate risk solutions with risk decisions. 






Of course, we cannot discuss risk management today without focusing on the COVID-19 pandemic that shut down much of the world as we knew it. The change has been so significant, new work rules including work from home have been established.  


Many bankers have participated in the Federal government’s CARES Act Payroll Protection Program to help small businesses affected by mandatory closures.  Once the Federal government stimulus programs end, there will be some businesses that will not recover. Loan losses may increase as a result.  However, over the ten years leading up to the pandemic, loan losses have been minimal.  


Few bankers have recent training in handling loan workouts.  Our training programs and checklists available through TamingRisk Academy ( address such issues as when to report Troubled Debt Restructurings (TDRs) and how to minimize losses related to small business bankruptcies. 




All businesses need revenue to exist.  The Financial Accounting Standards Board (FASB) issued a new standard for accounting for revenue and all business will need to comply.  There are five steps to follow:

  • Step 1: Identify the contract with a customer

  • Step 2: Identify the performance obligations in the contract

  • Step 3: Determine the transaction price

  • Step 4: Allocate the transaction price to the performance obligations in the contract

  • Step 5: Recognize revenue when (or as) the entity satisfies a performance obligation

If learning about these steps was not difficult enough, the COVID-19 pandemic came along and created a new challenge – collectibility.  A business must assess whether they will collect all the transaction price when they enter the contract with the customer.  If it is probable that the customer will pay, then the business can recognize the revenue.  During the pandemic, many businesses have been concerned that their customers will not be able to pay.  If that happens, then they cannot recognize revenue from those transactions.  What happens when the bank holding the business loan asks for updated financial statements and those statements show declining revenue?  The bank could be concerned that the loan will not be collectible. It is important for businesses to understand how to properly apply the new revenue recognition accounting guidance prior to submitting updated financial statements to their bank.  It is also important that bankers understand revenue recognition to properly analyze their client’s financial statements.  TamingRisk Academy ( offers a course and a checklist on how to recognize according to the updated FASB guidance.  




Protecting customer data is a serious matter.  Hackers are good at gaining access to customer data but informed and trained employees can prevent attacks.  


Email is a top choice for hackers, so organizations should focus their training efforts on teaching employees how to recognize phishing emails or those emails that could infect computer systems if an employee does not recognize the threat.  It only takes one breach to compromise customer data.


TamingRisk Academy ( offers short courses on how to recognize and avoid phishing email attacks as well as other types of cybersecurity attacks.  We also have checklists to help you secure your email servers such as Microsoft Exchange or another outsourced email service. If a breach does occur, we offer training and checklists on information security incident response.  




Internal auditors routinely watch for change to spot potential inefficiencies or fraud.  For instance, have employee work habits changed?  If so, why?  Are certain employees reluctant to be away from work for more than a day or two?  If so, why?  Has a manager suddenly been approving larger invoices?  If so, why?  


When someone changes what they are doing, the change may be warranted or required.  The change may be based on a Board or management directive.  However, an internal auditor will need to verify that the change was authorized.  The auditor must also determine if sound internal controls are put in place consistent with the change. 


Well trained and experienced internal auditors can be essential to ensuring that the Board’s mission and governance efforts are being followed and implemented properly.  TamingRisk Academy ( offers training courses and checklists for conducting internal audits.  

bottom of page