About Brandon Righi

Brandon Righi is RIMS’ program and content manager.

Weighing In on Stand-Up Workstations and Exercise Balls

Stand-up workstations and exercise balls used for sitting in place of an office chair are gaining popularity. This has been fueled by reports of workers at Google, Facebook and other companies trading in their chairs to stand, or bounce, while working. They cite studies of the harm that hours of sitting can do.

Even here at the RIMS office several employees prefer sitting (or bouncing) on exercise balls to the familiar rolling desk chair, or working at a stand-up desk. Risk professionals have long been discussing the merits and downsides of these two popular choices.

But are these alternative ergonomic preferences really that beneficial?

Recently in an online discussion, some members of the RIMS Opis community said they were not in favor of exercise balls as ergonomic solutions. A risk manager in Oregon stated it bluntly: “Exercise balls should be limited to fitness programs. Your [workers comp] will own the injury if an employee slips off the ball and hits [his or her] head or has a soft tissue injury from the fall.” Several other commenters agreed that the balls are unstable and their use is discouraged or officially prohibited.

A CEO said: “While great for encouraging engagement of your core muscles during exercise, [balls] are not good for sitting at a workstation and in fact, research shows, increase your risk of ergonomic injury.”

In fact, some research has found their benefits negligible. A study of 28 subjects found that exercise or chair balls offer no advantages over a traditional workplace chair. According to a study by BioMed Central:


The results showed no significant difference with regard to spinal curvature between seating types. Initial sitting curvature was found to increase significantly over 30 minutes in both the desk chair and stability ball. In addition the results of the usability questionnaire showed a significant difference in three of the eight questions, in favor of the desk chair.


No benefits were found through sitting on a stability ball over that of a desk chair in prolonged sitting as both seating types were found to replicate a poor sitting position through a kyphosed [outwardly curved spine] and slumped posture. The clinical implications of this study serve to benefit any healthcare professional considering use of the stability ball as a replacement desk chair.

In another online comment, a Missouri risk manager suggested a compromise, elaborating that while his organization allows their use, “They cannot be free-standing balls… they must be part of a chair ball with wheels and a seat backing.”

Stand-up desks received more positive feedback. Several risk professionals cited research equating excessive sitting and sedentary lifestyles with serious chronic health problems. A number of commenters shared anecdotes about how stand-up workstations have helped employee health issues. Several users noted that in their newly renovated, or soon-to-be-renovated, offices, stand-up workstations are de rigueur.

Who pays for these workstations? Most who commented said, or implied, that their companies foot the bill for stand-up desks if an employee requests them. Most seem willing to make the investment based on reports that providing ergonomic options can reduce workers comp claims.

Not all are sold on the benefits, however. A commenter from Chicago said, “As odd as it sounds, stand-up desks may not be wholly safe…. People get tired and fall down using them. And there is no confirmation standing is less stressful than sitting. Folks very quickly started to complain of sore hips, knees, feet and spines.”

A Virginia risk manager shared the wisdom of moderation and the middle ground, saying, “While sitting is bad—and the motive for getting a standing desk—standing all day can cause myriad lower back, leg and feet issues. It would be similar to what risk managers at grocery stores have to deal with their cashiers on their feet all day. Interspersing standing with sitting is key.”

Some researchers agree with this conclusion. A New York Times article reported that 15 minutes per hour at a standing workstation is recommended over standing all day.

Mitigating Environmental Risks at Argos

Ana Maria Duque is the environmental assessment manager at Argos in Colombia. Here’s what she had to say about the environmental challenges her company faces.

RMM: Please describe what you do for Argos.

AMD: In my current role as environmental assessment manager, I oversee planning and implementation of the processes related to environmental assessment of projects, water and biodiversity management, and administration of environmental liabilities across the three regions where the company is present: Colombia, Caribbean and Central America and the United States. The purpose is to ensure compliance with environmental regulations and the organization’s environmental policy.

RMM: What is Argos’ philosophy on environmental challenges?

AMD: We are committed to develop our production activities responsibly, seeking a balance among profit generation, social development and environmental impact mitigation. This is why we have defined an environmental policy with goals up to 2025. Our goals are to promote prevention, mitigation, correction or compensation of the environmental impacts caused by our operations. Efforts are organized into five pillars that represent our main risks and opportunities: climate change, eco-efficiency (including water and atmospheric emissions), biodiversity, sustainable construction and environmental awareness.

RMM: Why should corporate risk managers be paying attention to environmental issues?

AMD: Corporate risk managers must pay attention to environmental issues since businesses, as well as other human activities, depend on goods and services provided by ecosystems, such as fresh water, timber, climate regulation, natural hazard protection and recreation. At the same time, business activities can negatively impact ecosystems, jeopardizing their ability to supply these goods and services. These dependencies and impacts pose several types of risks and opportunities to companies which need to be properly managed to ensure the sustainability of the business.

RMM: Are risk managers receptive to environmental issues, or is there more convincing to be done?

AMD: Environmental issues are an integral part of the business strategy of large corporations, that have understood the importance of managing environmental issues in order to ensure successful corporate performance and contribute to a sustainable world. There are some small companies, however, that are not completely aware of their dependence and impact on ecosystems, and therefore they have not integrated the management of these risks and opportunities into their business strategy. Environmental awareness is growing among these companies as well, and they are starting to realize the importance of managing these issues.

RMM: How does Argos handle water risks in Colombia and the region?

AMD: We are committed to using water in an efficient and responsible manner, focusing our management strategy in two action lines: efficient water use, by measuring the consumption in our operations and implementing reduction plans; and water risk management, through the identification, evaluation and management of water-related risks at our facilities. Our targets are to reduce by 30% the specific water consumption in the cement business by 2025; and 20% in the concrete production, across all the three regions where we are present. In order to measure our exposure to water scarcity risks, we monitor the water stress degree of the basins where our facilities are located, using the WBCSD [World Business Council for Sustainable Development] Global Water Tool. Furthermore, we assess the exposure to several categories of water risks at a local level using the tools WRI [World Resources Institute] Aqueduct and WWF [World Wildlife Fund] Water Risk Filter. This allows us to prioritize the sites where we need to develop action plans. We have also endorsed the CEO Water Mandate aiming to adopt and implement a comprehensive water management approach in its six action lines: direct operations, supply chain and watershed management, collective action, public policy, community engagement and transparency.

RMM: What other environmental risks should be on the minds of risk managers?

AMD: All risks and opportunities derived from the companies’ dependencies and impacts on ecosystems must be on the minds of corporate risk managers, including those related to biodiversity, air quality and climate change. But more importantly, environmental issues need to be the top priority of the board of directors to ensure that the company invests what is needed to address those issues.

RMM: What do you envision as an ideal interaction between risk managers and environmental assessors/engineers?

AMD: Within the companies, risk and environmental managers should work together in order to raise awareness to the strategic level of the risks and opportunities related to environmental issues, as well as to develop and adopt robust action plans that allow the companies to mitigate their environmental risks and foster their environmental opportunities. This adds value to both the companies and society.

Building a Successful ERM Program

Iman H. Al-Gharabally is responsible for the enterprise risk management program at Kuwait Petroleum Corporation (KPC) and its subsidiaries since 2004. She is the team iman-h-al-gharabally-picleader, coordinator and project manager for the ERM program and its strategic implementation across the Kuwait oil sector. Al-Gharabally, a speaker at RIMS’ Middle East Risk Forum 2016, taking place Dec. 13 and 14 in Dubai, United Arab Emirates, discusses the implementation strategies and successes of KPC’s ERM program.

RIMS: How did you begin the process of building KPC’s ERM program?

Al-Gharabally: In 2002 the KPC managing directors at the time recognized there was a serious need to look into and have in place a consolidated view of potential risks and a consolidated risk management format of those risks facing the organization. Hence the ERM initiative was introduced as a way to instill this unified format of consolidated risk management mainly through the insurance section. In 2004 the ERM initiative was introduced and in 2006 the ISO 31000 was launched.

RIMS: How did you develop your ERM structure?

Al-Gharabally: Initially I had no prior knowledge of what ERM stood for. I was recruited in April 2004 from Kuwait Oil Company (a subsidiary to KPC) to project manage and lead this new ERM initiative. I studied the topic extensively and slowly had to lay down the foundation for a dynamic ERM program for KPC and its subsidiaries. We started at the very top, first in the corporate office looking at the strategy of the corporation and what the corporate objectives aimed to achieve in the coming five years from 2004 to 2009. We then looked at the potential risks that would prevent the corporation from achieving those objectives and started the communication lines across the subsidiaries to initiate awareness on these potential risks and put forth mitigation options to ensure the corporation was well prepared and to increase our abilities to deliver on our strategic objectives.

It was imperative at the very beginning to ensure that we worked hand-in-hand with the various planning, HSE and marketing units across the entire value chain. The idea was to start the conversations early and brainstorm unilaterally for solutions to be placed to counteract any potential risks emerging that would hinder our 2020 strategic business goals.

Over the first few months in 2004, we managed to convince CEOs across the group to create and assign a focal point to be internally responsible for ERM and coordinate and liaise with us at the corporate head office on all ERM related matters. It took 10-12 months before having each subsidiary assign a dedicated ERM focal point. Once there were dedicated individuals to communicate with and be internally responsible for monitoring and reporting on all risk-related matters, the next phase of setting up an ERM framework and governance structure was initiated. In 2007 the ISO 31000 framework was launched across the group for implementation.

KPC’s ERM structure is that of a hybrid matrix in which central ERM policies, procedures and key performance measures are set, while subsidiaries and ERM units across the group are free to implement according to their individual company’s needs and business model.

RIMS: How did you make ERM a success?

Al-Gharabally: It was not an easy task, to be honest. KPC is the corporate head office to eight other companies from upstream to downstream. The nature of their business is quite complex and diversified. So to lead ERM initiatives and have them fully incorporated and periodically monitor and report on the progress is a challenging full time task. The key is to be well integrated. From the very start of our initiative in 2004 we made certain that the corporate head office ERM unit was well integrated with each and every single subsidiary ERM unit. We put in place a platform establishing a community of ERM best practice and there are means to discuss, troubleshoot and share various topics to ensure the benefit is widely absorbed across the entire oil sector. We conduct periodic risk culture surveys and benchmark ourselves not only internally across the group, but also against international financial and oil corporations with advanced risk management programs.

RIMS: What is unique about KPC’s approach to ERM?

Al-Gharabally: Having an ERM program in place in an oil corporation is in itself unique. To take that further and have a single unified ERM strategy and shared initiatives across multi discipline functions and across eight subsidiaries elevates the uniqueness. Having delivered a successful fully functioning ERM program over the past 13 years in close collaboration with the corporation’s strategic planning, financial and marketing departments sets KPC’s ERM program apart.

RIMS: What tools/resources have been the most helpful on this journey?

Al-Gharabally: From a risk culture perspective, establishing a community of best practices for ERM individuals to have a platform to share and collaborate various ideas, trouble-shoot implementation issues or integrate objectives on unilateral ERM implementation plans is critical to the success of our program. Having a risk operating committee chaired by the CFO and reporting to the corporation’s risk and audit committee was also a critical success factor to KPC’s ERM initiative. Subsidiaries learned early on that having a dedicated ERM unit reporting directly to the CEO, with no conflicts of interest of shared ownership of risks in the reporting line, was a critical success factor to KPC’s ERM structure. From a technical perspective, establishing a clear ERM framework, policy and procedure as well as systematic reporting of risks in a unified ERM information system, and linking the reporting to the corporations was a critical success factor.

Rims: How can ERM best inform strategy?

Al-Gharabally: KPC’s decision to maximize transparency and work closely with strategy marketing and finance was a key aspect in making our ERM program successful. To be able to look at leading risk indicators and have in place the appropriate mitigation options for improving the corporation’s performance in meeting its strategic objectives is an invaluable resource.

RIMS: What advice can you give those embarking on building a world-class ERM program?

Al-Gharabally: Communication, communication, communication! Had we not lobbied, or brainstormed across various business functions early in our journey in 2004, or not ensured that we had the full support of planning and finance on board for our ERM initiatives, our program most likely would have flopped!

Brussels Bombings Highlight New Risk Realities

Belgium map
The deadly terrorist bombings in Brussels this week have elicited an outpouring of support for the victims and for Belgium, along with renewed rage and consternation regarding ISIS. These are predictable reactions. What these acts also elicited, I’ve noticed, are numerous comments from many outlets that the attacks were not surprising.

The BBC, in fact, said the bombings were “not a surprise” and security experts chimed in with similar assessments. Even Belgians themselves admit that the attack wasn’t shocking—Prime Minister, Charles Michel, lamented that “what we feared, has happened.” Think about how much has changed in less than a generation. Now, when the capital of the EU and NATO becomes a war zone, many react as though this is business as usual.

When it comes to political violence and warfare, we (or at least Western Europe) are living in a brave new world. In fact, research I’ve conducted in recent weeks for a RIMS Executive Report on political risk confirms how much the paradigm has changed. Political risk experts I interviewed have been emphasizing this point. “I think it is truly a distinctive point in world affairs,” said one. Another confessed, “I’ve been doing this for nearly 20 years, and this is by far the most unstable, tenuous, deteriorating…risk environment I’ve ever seen.”

These sentiments are based on more than ISIS. Recent developments include the Ukraine civil war, the migrant crisis, deterioration of large swaths of the Middle East, tensions in the South China Sea, a weakening Chinese economy and Brazil’s political crisis. All contribute to a consensus that things are changing.

For the risk community, a big change is formerly reliable standards of which parts of the world are stable and which are unstable, such as developed economies versus developing and first-world versus second- and third-world. Now more than ever, risk managers considering the security of global operations need to examine a country’s vital signs rather than rely on conventional wisdom about stability. And if mass-casualty terror attacks are the new normal for Western Europe, a number of risk professionals will need to become better acquainted with the realities of political violence.

To end on a positive note, however, we do not have to believe the sky is falling. While terrorist attacks are brutal and unfortunate, it is consoling to think about the odds of being a victim. As data nerds are happy to point out, a person is much more likely to meet his or her demise from bathtubs, dogs and food poisoning. The Post has reported that you are more likely to be crushed by furniture than snuffed out by ISIS.