Official Web Site of Substance For You
Cart 0

Corporate Risk Assessment Aiding Recovery!

ad hoc comp computer computers computing defence defense officers recovery risk risk assessment three lines of defence treatment

The Three Lines of Defence for Corporate and Enterprise Software: A Complete Overview in Relation to Addiction and Mental Health Recovery


INTRO: With many years of growing up around a father who traveled for work that I had no idea about what it was until I became old enough to understand words like governance, risk assessment, or compliance, and it was pretty evident that his understanding of large operating systems was beyond me. And as I grew older I started to contemplate if I could do what he does for a living, or even for fun. I tried to do that with my first year in college while getting into big data systems, but it wasn't for me. Although, that didn't mean that I didn't appreciate his work, and in fact, it paid off in massive dividends to listen to his conference calls about things like Ad Hoc and larger compliance issues.

Thankfully today, if he asked me what I'd learned while listening to his business and tech savvy phone calls, I could say that I understand a lot now, because my life itself is needing risk assessment each and every day. So with what I learned, I created a groundbreaking new way to relate—maybe even your—business world into my addiction recovery, for healing and practical purposes of betterment...

Ps. Thanks dad! You're one smart cookie!


PART 1: In the new age of business, technology, and control it’s important to have a diverse team of enterprise risk management specialists, internal auditors, compliance officers, fraud investigators, among many other risk and control professionals working together to help their company manage, mitigate, and reduce risk. Each proponent to each job requires a special outlook on how the operations should be run. Specific skills are needed in each area to defend from different types of risks that can arise at different levels within or without the company. This is where The Three Lines of Defence plays an important, if not the most important role to managing risk properly.


Relations to Recovery:

"If we were to see this in relation to addiction recovery, or treatment for example, we would notice that business and technology has risks just like recovery does. For example, in recovery we are looking to minimize relapse and maximize our quality of life. And in technology we are looking to minimize the risks of product failure or other failures that would lead to catastrophic—or death like scenarios—for the company or individual; whatever way you want to look at it. And then we are also looking to maximize profitability and access to a better system for overall quality assurances. I mean, who doesn't want a better life, system, or fail-proof way to go about business, or even your life? That's exactly where the Three Lines of Defence will cover your back at each level, with different levels of supervision, by different trained professionals and/or tools, software, and compliance regulations for once again, quality assurance of software or your recovery!

As specified, each role has a different outlook and requires different ways the operation should be run. And if we are to relate corporate risk management to a treatment or rehabilitation setting it's safe to say we would take the same approaches. For example, you would need a different type of doctor to treat mental health than you would a physical ailment, or at least someone prescribed in maintaining health during dual diagnosis. Now for reducing risk we would have especially equipped therapists in this field of recovery, just like someone would be quality controlling the product and it's "implementation" into society, like a therapist would for any sort of client… or product for enterprise solutions."


PART 2: The challenge with managing risk is that without a proper line of Defence there will always be gaps that your company will be at risk for. If each of the three lines—operational management, senior management, and ad hoc risks—are not identified and managed appropriately, without overlap, your company will be at risk that could damage it to the point of no return. So it’s important to assign specific roles to each level of Defence to control risk properly. But there must be clear cut responsibilities of each group so that the control professionals understand and stay within regulatory boundaries. This is to make sure that the organizations functional needs are fit and met for benefit, and not a loss of control.


Relations to Recovery:

It's important to note that with recovery there are going to be gaps in life that we need to address, as stated above. It seems to be that the "Three Lines of Defence" are a universal protocol for avoiding catastrophic events, like software failure, or company misalignment. Or on another note what could be catastrophic if we don't implant a sober support system into place, where we are addressing key issues in addiction recovery the catastrophic risk could be our lives, just like product failure. So these specific roles that will be put into place are things like a sober mentor/sponsor, therapy (if needed), and other practical recovery lifestyle changes like getting rid of old places and faces to clear out the old "viruses" in our lives.

courtesy of QAP Advice & Audit

COMPREHENDING: Without each of The Three Lines of Defence understanding and operating within their given boundaries things for the company can get problematic. There must be a cohesive bond between each of The Three Lines of Defence to limit risk and control resources so that deployment of risk management operations will be effectively implemented, along with significant risks being identified appropriately and managed with extreme care.

This is why The Three Lines of Defence model gives companies efficient, effective, and reliant ways to enhance communications between regulatory divisions on risk management, to keep risk under control. It creates many positives for a company to benefit from. One of these being a fresh outlook at each level and throughout different types of operations by designated officers trained specifically for each task, minimizing risk. It’s appropriate for any organization regardless of type, size, or diversity in operations. The Three Lines of Defence will enhance clarity among the most difficult of risk problems, creating a smooth operating system in your business, today.  

Relations to Recovery:

As stated above one of the most crucial parts to risk, as well as recovery is having that fresh outlook so we can completely change our old ways of thinking and execute a complete lifestyle change to change the old behavior into one that will avoid risk and keep us—and our software—healthy and clean. For example this sentence is most crucial, "One of these being a fresh outlook at each level and throughout different types of operations by designated officers trained specifically for each task, minimizing risk."

We need that sober support system to help us along the way, with each person giving a new point of view and helping guide us away from relapse and into a complete and overall lifestyle change… just like you'd get from implementing fail-proof software with the right adherences in place!


So it's safe to say that the corporate model of risk avoidance and assessment can play a very crucial part into anyone's recovery, as long as we look at it from the right lenses and have the right type of tools to implement into our newfound sobriety! Because isn't that what support is all about? Covering your bases to avoid relapse, or risk, for a better overall quality of life… or better yet, a fully functioning system?

RISK ASSESSMENT RISK ASSESSMENT     Corporate Risk Assessment Aiding Recovery! (Overview) logo=

Older Post Newer Post

  • Andrew on

    Great read! As a finance major, a great deal of my studies are dedicated to the assessment or risk. There are four ways a business can approach risk; assumption, mitigation, transfer, or avoidance. It is obviously the most beneficial to avoid undertaking any unnecessary risk, but in the business world it is nearly impossible to completely forego risk altogether. Therefore, next to avoidance, risk mitigation techniques tend to be the main focus of organizations. These techniques amount to a company assuming the least amount of risk as possible to maximize profitability, innovation, and overall growth.

    Of the four approaches to risk, I believe these two directly relate to recovery. It is always best to completely avoid the chance for relapse (unnecessary risk) wherever possible. However, as you and I both know, it is impossible to entirely relinquish these risks. Hence, the majority of our efforts are put into mitigation techniques, mainly learning to deal with the pressures of reintegrating into what is seemingly everyday life for most people, but an eternal battle for others.

    I personally feel that the strongest relation between successful risk mitigation methods and success in recovery stems from the implementation of internal controls. In the report to the nations made by the Association of Certified Fraud Examiners, businesses that were most often the victims of white-collar crime were those who were unsuccessful in employing proper internal controls. Similarly, in terms of recovery, utilizing internal controls is of paramount importance. Instilling a system of checks and balances with our family, friends, sponsors, or support groups, can be crucial to the chances of being successful in recovery.

    Awesome article Brian! Truly great correlations between risk assessment and methods employed in recovery. Bravo sir

Leave a comment

Please note, comments must be approved before they are published