Since the economic crisis of the past few years, the risk management function has had a greater focus in the corporate sector. It is generally accepted that the risk role requires team effort as well as rational thinking on issues that could be regarded as risks. For this reason, it is imperative that the risk attitude is not exaggerated or understated in any organisation.
Looking at extreme opposites of the risk management attitudes, one could argue that the one fanatical perspective is that of a ‘riskaholic’. In this risk world, every moment of existence could be a risk. Getting up in the morning could be a risk, driving to work could be a risk, being around a mother in law could be a risk and watching sport could also be a risk.
Of course, this is grossly exaggerated and risk is not meant to be a crisis alarm bell for the organisation – it is meant to be a systematic process aimed at proactively identifying potential issues in a structured way and with rationality. It is about getting business leaders within an organisation to pause and think of issues that could prevent them from achieving their objectives.
On the other hand, the other extreme of risk is to ‘risk denialism’ which is the propensity to dismiss all risk issues as non-issues. This is when there is clear danger ahead, yet no aversive action is taken to ensure that an organisation does not experience any losses. A ‘risk denialist’ would stop at nothing to argue whether or not a risk exists. This becomes problematic as the discussion suffers a painful and endless analysis paralysis.
These extreme and opposite stances on risk are further worsened by the fact that defining risk is often very generalised and as such it becomes difficult to clearly define, quantify and realistically identify. The word risk is often applied as a magical stick to any situation that has not been clearly defined and quantified as a potential problem.
It is for this reason that any organisation with a sound risk management process, defines its risk management process through a policy and through a specific Risk Management framework such as the COSO Enterprise Risk Management framework and/or the ISO31000 risk management framework – the two standards which are internationally accepted as the best frameworks for implementing an effective enterprise-wide risk management framework.
The most constructive mind-set in risk management is that of a risk ambassador. This is the median point between Risk denialism and riskaholism. A risk ambassador is an attitude of being aware of the business unit goals as well as the obstacles (risks) that could prevent the unit from achieving those goals. A risk ambassador knows that in their day to day work, they can make a difference in helping the organisation become a better manager of its risks. In addition, a risk ambassador also looks for opportunities or innovative solutions that arise out of risks identified.
Being a risk ambassador is a state of mind, it is the self-assured attitude that one can be a leader without a title. It is a choice in one’s day to day work of applying risk management thinking in one’s activity and knowing that the cumulative impact of all staff members being risk ambassadors will make any organisation a leader in its industry.
Furthermore, being a risk ambassador requires one to be rational and practical about issues. It is about awareness of the groups’ framework and structures. It is about knowing that even if a situation is not a risk or even an incident, there is always an opportunity to learn and share views on a matter. Lastly, it is about ensuring that any potential issue with a reasonable chance of being dangerous to the organisation needs to be highlighted, reported and resolved in conjunction with the relevant risk management stakeholders.
Risk ambassadors are aware, they live the principles of SPEED (Sense of urgency, Passion, Energy, Enthusiasm and Drive) in their day to day activities. They know that by proactively identifying potential pitfalls and opportunities related to risks, they help make the company a great company that employees and client partners can be proud of.
What is your strategy for creating risk ambassadors within your organisation?
How do you create a positive vibe/enthuse staff about risk management activities?
Do you have a reward/recognition strategy for your best performing ambassadors?
Feel free to answer in the comments section.