Risk managers can bring a lot of value to the company by informing management about emerging risks. To do this, risk managers need to establish procedures for scanning the external and internal environment, for identifying emerging risks, recording them and informing senior management in a timely manner.
In order to identify emerging risks, risk managers need to regularly communicate with representatives from different business units. Some suggested that risk managers should establish a routine that allows them to have weekly or daily informal conversations (over coffee, group lunches, quick chats in the corridor) with the heads of different business units. One risk manager we interviewed created an informal table tennis tournament to have an opportunity to meet different business units in an informal relaxed setting every week. Another risk manager suggested joining efforts with internal auditors or internal control specialists to identify emerging risks and to provide management with an assessment of organisational readiness / resilience to meet emerging threats.
Staying connected with the global risk community is also a good way to learn about some emerging risks. Although truth be told most national risk management associations are more concerned about fashionable risks or what we may call fads. And they are often late, jumping on the bandwagon once the risk becomes imminent, not emerging.
HERE IS A QUICK CHECKLIST TO TURN THIS SECTION INTO ACTIONS
☐ | Establish a routine to have regular informal conversations with business unit heads |
☐ | Stay up to date with latest developments in the global risk community |
☐ | Develop a procedure for having emerging risks discussions with management |
☐ | Work with internal audit to test your organisation’s preparedness / readiness for emerging risks |
Check out other decision making books
RISK-ACADEMY offers online courses

Informed Risk Taking
Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!

ISO31000 Integrating Risk Management
Alex Sidorenko, known for his risk management blog http://www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.

Advanced Risk Governance
This course gives guidance, motivation, critical information, and practical case studies to move beyond traditional risk governance, helping ensure risk management is not a stand-alone process but a change driver for business.