It is the goal of every risk manager to be proactive not only in day-to-day operations but in a company's future. Making risk management a reality or a vital aspect of company operations is aptly called "making risk management happen."
A good place to start is with a corporate risk management policy statement, which should be adopted by senior mangement. If an organization lacks a policy statement, the risk management objectives loses focus. A policy statement should give direction to all levels of management and specify the goals of the organization in relation to risk management.
Making risk management happen can be especially difficult if the risk manager is isolated. If this is the case, the risk manager must attain more visibility, with the support of his or her superior. In addition, tact and diplomacy is usually required, as the risk manager must continually remind his or her superior of the importance of keeping current with management decisions. Other than being visible, it is important to convey to colleagues and senior management that risk management is an increasingly vital and effective management tool.
Getting a Foothold
Selling risk management objectives is the key to making risk management happen in an organization. But before one can sell, he or she must be proficient in risk management techniques, know the company's operations and outline the sales approach. Define which department needs to be addressed. Also, consider political strategies such as to whom or where does the department officially report within the organization. Anticipate obstacles and know the pros and cons of the subject as well as the audience's expectations. Try to overcome objections by listening to and understanding their concerns and opinions, verifying issues and positions and solving their problems.
The timing of the presentation or meeting and its location are also important. Make sure that all participants are committed to attending. Finally, get feedback from them before and after the presentation and qualify and answer in writing questions that were raised.
However, knowing the subject and audience and having interpersonal communications skills does not guarantee that risk management goals will be embraced. Sometimes the proof rests with how well the risk management department handles the organization's exposures and losses.
In his address at the 1987 Canadian Risk Management Conference, then RIMS President Art Bostwick discussed the management-by-walking-around concept. He explained how it is an excellent tool to make risk management happen. By physically viewing the organization in operation, a risk manager becomes more aware of the operations and gains handson experience. Information on the past, present and future objectives of the organization by department and division is essential in risk identification.
Through risk identification, an analysis of the operation by department will reveal the exposures involved and indicate the strengths of various departments. It also provides information on department functions and how they relate to each other, and thereby helps develop the catastrophe plan.
Catastrophe planning is an indepth identification program requiring the participation of every function within the organization. This plan highlights the equipment, services and facility requirements of every department. With the completion of the risk identification step, recommendations can assist various departments in protecting corporate assets against a potential loss. If there is already a risk identification review in place, it may be time to review that data and update files by analyzing what it takes to get a downed facility operational in the least time.
Obtaining the cooperation and support of other departments is also important. The legal department can review contracts, defend claims, litigate claims against third parties, provide legal …