Risk managers often complain that they have no legitimacy, no trust from their organization. The positive but non-descript feedback they get from superiors probably means that their work is having little impact or worse, that nobody cares. But as Steve Minsky writes in an article for ebiz, there are steps the risk manager can take to win some much needed attention.
Meeting them Halfway
Already having many concerns on their plate aside from risk management, a superior may seem distanced from the ERM language of mitigation, tolerance, and risk appetite. Yet Minksy proposes that by meeting the boss halfway, with points of topical relevance, valuable insights can be delivered to a suddenly captive audience.
By contrast, being a purveyor of the obvious is not a trait the risk manager should try to cultivate. Being flexible and agile enough to match reports to the direct concerns of your higher-ups will win their attention and favor. What’s more, going beyond the aggregate data to give blow-by-blow accounts of your assessment will leave them feeling more invested in the impending scenario.
The Crutch of ERM Policy
In their uncertain quest to deliver value, risk managers also tend to lean heavily on the crutch of tried and true ERM policies. Minsky has this to say:
Many risk managers, unsure of what's expected of them and what their deliverable are, seek guidance through the creation of an ERM policy, charter, project plan or other procedural documents …These kinds of documents provide a great deal of assurance for risk managers that they're meeting expectations, but add little value in addressing the concerns your boss has today.
To get the ball rolling, the ERM is advised to engage process owners regarding a strategic company objective. Minsky recommends starting with a “risk-friendly” segment of the business for mitigating a particular concern. Success in this first endeavor will likely spur a broader interest in your efforts. Being noticed for a change will feel nice.
To read the full article, visit: http://www.ebizq.net/blogs/chief_risk_officer/2014/07/why_your_boss_doesnt_get_risk.php