
risk-management

Skill

from travisjneuman/.claude

What it does

Enables comprehensive enterprise risk management by identifying, analyzing, and mitigating strategic, operational, financial, and reputational risks across organizational frameworks.


Part of travisjneuman/.claude (62 items)

risk-management

Installation

Clone repository:
git clone https://github.com/travisjneuman/.claude.git ~/.claude

Run install script:
curl -fsSL https://raw.githubusercontent.com/travisjneuman/.claude/master/scripts/install.sh | bash

Clone repository:
git clone --recurse-submodules https://github.com/travisjneuman/.claude.git ~/.claude

Run with npx:
npx vite-bundle-visualizer

Run with npx:
npx knip

MCP server configuration block:
{ "mcpServers": { // ─────────────────────────────────────────────────────...
Extracted from docs: travisjneuman/.claude
2 Installs
Added Feb 4, 2026

Skill Details

SKILL.md

Enterprise risk management expertise for ERM frameworks, risk assessment, business continuity, insurance strategy, third-party risk, and reputational risk. Use when assessing risks, building continuity plans, or managing organizational risk exposure.

Overview

# Risk Management Expert

Comprehensive risk frameworks for enterprise risk assessment, business continuity, and risk mitigation.

Detailed References:

  • [ERM Framework & Risk Appetite](references/erm-framework.md) - COSO framework, risk appetite, quantitative analysis
  • [Business Continuity Management](references/business-continuity.md) - BCM lifecycle, recovery objectives, crisis management
  • [Insurance & Risk Transfer](references/insurance-risk-transfer.md) - Insurance programs, risk financing strategies

Risk Categories

| Category | Description | Examples |
| ----------------- | -------------------------------- | ----------------------------------- |
| Strategic | Risks to business model/strategy | Competitive disruption, M&A failure |
| Operational | Risks in day-to-day operations | Process failures, supply chain |
| Financial | Financial loss risks | Credit, market, liquidity |
| Compliance | Regulatory/legal risks | Regulatory changes, lawsuits |
| Reputational | Brand and stakeholder risks | Negative publicity, social media |
| Technology | IT and cyber risks | Cyber attacks, system failures |
| Human Capital | People-related risks | Key person, talent shortage |
| External | Environmental/external risks | Natural disasters, geopolitical |

Risk Assessment Process

```
RISK ASSESSMENT STEPS:

1. RISK IDENTIFICATION
   - Environmental scanning
   - Stakeholder interviews
   - Workshop facilitation
   - Historical analysis
   - Scenario analysis

2. RISK ANALYSIS
   - Probability assessment
   - Impact assessment
   - Velocity consideration
   - Control effectiveness

3. RISK EVALUATION
   - Risk prioritization
   - Comparison to appetite
   - Aggregation analysis
   - Interdependency mapping

4. RISK RESPONSE
   - Accept (within appetite)
   - Mitigate (reduce likelihood/impact)
   - Transfer (insurance, contracts)
   - Avoid (eliminate activity)

5. MONITORING & REPORTING
   - Key Risk Indicators (KRIs)
   - Risk dashboards
   - Escalation triggers
   - Periodic reassessment
```

Risk Heat Map

```
RISK MATRIX:

                          IMPACT
LIKELIHOOD    Low    Medium    High    Critical
Very High      3       6        9        12
High           2       4        6         9
Medium         1       2        4         6
Low            1       1        2         3

SCORING:
1-2:  Accept/Monitor
3-4:  Active Management
6:    Senior Management Attention
9-12: Executive/Board Attention
```

Third-Party Risk Management

Vendor Risk Framework

```
TPRM LIFECYCLE:

1. PLANNING
   - Vendor inventory
   - Risk categorization
   - Assessment requirements

2. DUE DILIGENCE
   - Questionnaires
   - Documentation review
   - On-site assessments
   - Reference checks

3. CONTRACTING
   - Security requirements
   - SLAs
   - Audit rights
   - Termination provisions

4. ONGOING MONITORING
   - Performance tracking
   - Risk reassessment
   - Issue management

5. TERMINATION
   - Data return/destruction
   - Access revocation
   - Transition planning
```

Vendor Risk Tiers

| Tier | Criteria | Assessment |
| ------------ | ------------------------------- | ----------------------- |
| Critical | Core business, high data access | Full assessment, annual |
| High | Significant operations impact | Comprehensive, annual |
| Medium | Moderate business impact | Standard, biennial |
| Low | Limited impact | Self-assessment |

Vendor Assessment Areas

```

ASSESSMENT DOMAINS:

INFORMATION SECURITY:

  • Security controls
  • Data protection
  • Incident response
  • Access management

OPERATIONAL:

  • Business continuity
  • Change management
  • Performance history

FINANCIAL:

  • Financial stability
  • Insurance coverage
  • Pricing sustainability

COMPLIANCE:

  • Regulatory compliance
  • Certifications
  • Audit history

REPUTATIONAL:

  • Market reputation
  • Legal history
  • References

```

Operational Risk Management

Operational Risk Framework

```

OPERATIONAL RISK CATEGORIES:

PEOPLE:

  • Human error
  • Inadequate training
  • Fraud
  • Key person dependency

PROCESS:

  • Control failures
  • Procedure gaps
  • Documentation issues
  • Capacity constraints

SYSTEMS:

  • IT failures
  • Data integrity
  • System integration
  • Technology obsolescence

EXTERNAL:

  • Vendor failures
  • Regulatory changes
  • Natural disasters
  • Market disruptions

```

Key Risk Indicators (KRIs)

| Risk Area | KRI | Threshold |
| --------------- | ------------------ | ------------- |
| Operational | Process exceptions | >5% |
| Technology | System downtime | >99.9% uptime |
| People | Staff turnover | <15% |
| Vendor | SLA breaches | <5% |
| Compliance | Policy violations | 0 critical |

Control Assessment

```

CONTROL EVALUATION:

DESIGN EFFECTIVENESS:

  • Is the control properly designed?
  • Does it address the risk?
  • Is it documented?

OPERATING EFFECTIVENESS:

  • Is it consistently applied?
  • Is it working as intended?
  • Is evidence maintained?

CONTROL RATINGS:

Effective: Control works as designed

Needs Improvement: Minor gaps

Inadequate: Significant gaps

Absent: No control in place

```

Reputational Risk

Reputation Risk Framework

```

REPUTATION DRIVERS:

PRODUCTS & SERVICES:

  • Quality
  • Safety
  • Value

CORPORATE BEHAVIOR:

  • Ethics
  • Governance
  • Environmental impact

WORKPLACE:

  • Culture
  • Diversity
  • Employee treatment

LEADERSHIP:

  • Integrity
  • Competence
  • Communication

FINANCIAL:

  • Performance
  • Transparency
  • Investor relations

```

Reputation Monitoring

```

MONITORING SOURCES:

MEDIA:

  • Traditional news
  • Online publications
  • Broadcast

SOCIAL:

  • Twitter/X
  • LinkedIn
  • Reddit
  • Industry forums

STAKEHOLDER:

  • Customer feedback
  • Employee surveys
  • Investor calls
  • Analyst reports

METRICS:

  • Sentiment score
  • Share of voice
  • Message pull-through
  • Crisis response time

```

Risk Reporting

Board Risk Reporting

```

BOARD REPORT ELEMENTS:

EXECUTIVE SUMMARY:

  • Top risks
  • Emerging risks
  • Risk appetite status

RISK DASHBOARD:

  • Heat map
  • Trend analysis
  • KRI status

DEEP DIVES:

  • Focus areas
  • Incident summary
  • Response effectiveness

FORWARD LOOK:

  • Emerging risks
  • Strategic risks
  • Mitigation plans

```

Risk Metrics Dashboard

| Category | Metric | Target | Status |
| ----------------- | ---------------------- | ------ | ------ |
| Risk Appetite | Risks within tolerance | 100% | |
| Incidents | Material losses | 0 | |
| Controls | Effective controls | >90% | |
| Issues | Overdue remediation | <5% | |
| Training | Completion rate | >95% | |

See Also

  • [Fortune 50 Security](../fortune50-security/SKILL.md)
  • [Fortune 50 Legal/Compliance](../fortune50-legal-compliance/SKILL.md)
  • [Fortune 50 Finance](../fortune50-finance/SKILL.md)