Five years ago, while coaching senior managers at a pension fund in Uganda, we launched an ambitious transformation program. The board had approved it. The funds were ready. Staff were motivated. We were raring to go. Then… nothing. Three months in, the energy fizzled out. Staff went back to old routines. Managers defaulted to firefighting. The momentum died. Everyone blamed “resistance to change.” But that was a lie. The truth was uglier. I diagnosed the problem. Deeply. It is not superficial, like how most consultants send you generic reports after Googling your sector. No. I met the staff. I observed…
Is Your Internal Audit Team Overlooking AI Risks?
In early 2024, a global bank’s AI-powered hiring tool was caught red-handed: it was systematically filtering out female applicants. Not because someone programmed it to be sexist, but because no one trained it not to be. The data it learned reflected decades of biased hiring. And so, the model learned that being male was a “better predictor” of job success. The developers shrugged. HR had no clue how it worked. The risk department had signed off blindly. But it didn’t stop there. Dig deeper, and you’ll see another silent crisis brewing—this time in the credit scoring models used by banks.…
Our pentest approach. Why most risk management teams are NOT future ready
You have a penetration testing process. You have a risk management department. You have an internal audit team. Yet you are still vulnerable. Why? Because most teams are not evolving as fast as the threat landscape. At Summit Consulting, our VAPT approach is simple and brutal: Inception meeting: Define timelines, expectations, and failure points up front. Blackbox penetration testing: Simulate a real-world external attack without insider knowledge. Vulnerability assessment: Identify cracks before the enemy does. Whitebox penetration testing: Simulate insider threats with full access. Internal vulnerabilities assessment: Your weakest links are always inside. Final report compilation: No sugar-coating. Just the…
Winning in the boardroom
In 2008, I sat at the back of the Institute boardroom, clutching my notebook like a talisman. I wasn’t a board member yet. I was just “Member, Member Services Committee,” but you could not have convinced me otherwise. Every meeting was a masterclass. Every whisper from the Committee Chairman was a lesson in agenda control. Every casual joke from the Institute’s CEO / Secretary was a calculated move to steer decisions without raising alarms. I learned something most people never figure out until it’s too late: Boardroom success is not about having a seat. It’s about having a spine. You…
Limitations of the R × I assessment and what to do about it
To unlearn bad habits, first experience them. I have shared a lot about the R × I scores. R × I — Risk × Impact — was invented to make risk feel manageable. But in real life, it’s the biggest scam in risk management. It is time to transform it. You can either ditch it or overcome its limitations by providing more context, i.e., using the following risk register, by including a story in your risk assessment. Here’s why and how: 1. Risk is not arithmetic. A risk scored 3×5 is not the same as 5×3. One could wipe you out…
The quiet power of boards: why ethics crumble when the board is asleep.
Five years ago, I sat across a board chair in the agriculture value addition space. The CEO had been sacked after a procurement scandal involving ghost suppliers and inflated invoices. But here’s the twist: six months earlier, the board had praised this same CEO for “excellent turnaround results.” Why? The numbers looked good. Profits were up. No one asked what fuelled the miracle. That, right there, is the silent rot that boards allow to fester. The point is simple: the tone of ethics is set by the board, not the CEO. When the board fails to ask the uncomfortable questions,…