Practical ideas: TAKE OWNERSHIP OVER SOME RISK ASSESSMENTS

At the risk of sounding controversial, we believe risk managers sometimes need to take responsibility for providing an independent risk analysis not based on the information supplied by the management. Although rare, there may be situations where manager approving the project or making a decision has significant conflicts of interest or there may be suspicion of fraud.

Risk managers need to establish risk analysis methodologies that limit reliance on management information and internal data which may be tampered with. Risk analysis should be based on industry data, statistical information, verifiable data and external reliable providers etc.

Risk managers should also use communication channels that allow presentation of an alternative point of view to management. While the goal should be working with the business and providing the necessary support to make risk-based decisions, sometimes risk managers need to play the role of a policeman.

As a result, risk managers may be required to defend their position at the executive meetings, propose risk mitigation actions and even take responsibility for some of the risk mitigation. As someone who had to do it almost on a weekly basis, we can tell you it takes a lot of courage and bulletproof risk management methodologies. It’s difficult, but it’s the only way to become an equal participant in the decision making and not just an observer.

 

HERE IS A QUICK CHECKLIST TO TURN THIS SECTION INTO ACTIONS

Discuss with senior management the need for an alternative / opposing point of view on certain business decisions
Consider having veto power for risk managers on certain types of business decisions
Develop risk analysis methodologies that do not heavily rely on management information
Establish an independent escalation channel to raise issues if management is ignoring risks

 

USEFUL VIDEOS

  https://www.youtube.com/watch?v=r0ZDQZsTdXg

https://www.youtube.com/watch?v=4fRAUZ4AD0I

https://www.youtube.com/watch?v=gI9yOw7JTCU

 

 

Check out other decision making books

RISK-ACADEMY offers online courses

sample85
+

Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!

$149,99$49,99
sample85
+

ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog http://www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.

$199,99$49,99
sample85
+

Advanced Risk Governance

This course gives guidance, motivation, critical information, and practical case studies to move beyond traditional risk governance, helping ensure risk management is not a stand-alone process but a change driver for business.

$795

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.