Practical ideas: Include risk management roles and responsibilities into existing job descriptions, policies and procedures, committee charters

Risk managers may begin the implementation of the selected risk governance model by documenting risk management roles and responsibilities. It is quite common to describe risk management roles and responsibilities in risk management policy or a framework document. This approach seems simple to implement, yet not very effective, as business units often don’t feel ownership of these documents, instead they consider them irrelevant in everyday business and simply ignore them. There is a better way.

It is considered more effective to incorporate risk management roles and responsibilities into existing job descriptions, policies and procedures, various committee charters and working groups. Risk management roles and responsibilities must be identified and documented for all levels of management. As mentioned by a number of the risk managers we have interviewed, it is a much more effective than listing roles and responsibilities in the risk management policy or framework document.

Work with your HR team to include ISO31000 knowledge and risk management competencies in job descriptions / position descriptions for new hires.

 

USE THE CHECKLIST PROVIDED BELOW TO TURN THIS SECTION INTO ACTIONS

Check out other risk management books

The Standard for Risk Management in Portfolios, Programs, and Projects
Implementing Enterprise Risk Management: From Methods to Applications (Wiley Finance)
Operational Risk Management: Best Practices in the Financial Services Industry (The Wiley Finance Series)
Review existing job descriptions, committee charters, policies and procedures

Update existing job descriptions, committee charters, policies and procedures to include risk management roles and responsibilities if not already done

In order to reduce unnecessary tension, do the update in coordination with HR at the time when these documents are being reviewed anyway

Include ISO31000 knowledge and risk management competencies in job descriptions for new hires

 

USEFUL VIDEOS

Alex Sidorenko from RISK-ACADEMY talks about two ways of documenting risk management roles and responsibilities and the impact it has on risk culture. https://www.youtube.com/watch?v=1Km332LJmPY

RISK-ACADEMY offers online courses

sample85
+ Buy now

Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!

19,999,99
sample85
+ Buy now

ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog http://www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.

199,999,99
sample85
+ Buy now

Управление рисками

В этом коротком и очень увлекательном курсе, Алексей Сидоренко расскажет о причинах внедрения риск менеджмента, об особенностях принятия управленческих решений в ситуации неопределенности и изменениях в новом стандарте ИСО 31000:2018.

19,999,99

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.