What is Risk Management?

Every business faces risks. Risk Management is the discipline (i.e. practices, policies and procedures) and function (i.e. people and their internal and external interactions)  that a business introduces in order to manage risks and safeguard against distress and failure.

Depending on the nature of the business, Risk Management is practiced at different levels in the business, including in some cases at the Board level through specialist Risk Committees (for example in banks or insurance companies).


Why does it matter ?

Risk is rarely eliminated completely in business and no business can generate returns without taking on some measure of risk. But equally many businesses and ventures have failed due to taking on too much risk. Where can a business draw the line and balance risk and reward ? That is the question that Risk Management, as a discipline and as a function, is intended to help address. Therefore, in the absence of Risk Management, a business or venture, may be taking on too much risk and not even knowing it. There is therefore a clear benefit from incorporating Risk Management in the overall Corporate Governance of a company. It helps reduce the risk of distress or failure. And on the flipside, it allows companies to at least calculate risks and rewards when faced with major decisions and take appropriate decisions in a methodical and transparent way.

How do you introduce Risk Management?

The oversight body of a company, (usually the Board of Directors) will often have a Risk Committee that will be concerned with the risks taken on by the business and will have regular interaction with the senior managers of the business tasked with Risk Management. Depending on the nature and extend of risks inherent in the business activities of the company, Risk Management may be handled by a dedicated team of executives with their leader either reporting to or being part of the senior executive team of the company (e.g. Chief Risk Officer, or Chief Financial Officer).