While risk management is a priority for all organizations, many organizations do not have the resources available for retaining an in-house Risk Manager. In some instances, teams decide that risk management goals can be achieved through shared duties rather than through the addition of a risk-focused individual contributor. Most of the time, an existing team member is tasked with enhancing and formalizing risk management practices across an organization, either at the behest of senior leadership or the board of directors.
Reskilling oneself and suddenly donning a new hat is a challenge for any employee; but luckily, learning the discipline of risk management is a relatively accessible—and exciting—professional development opportunity. Read on to learn how to become—or empower a colleague to become—a risk leader at your organization.
Traits and Skills of Effective Risk Leaders
Risks of interest can vary widely based on any organization’s mission and operating context. Some risk leaders might need to develop subject matter expertise regarding specific risks, but many risk leaders just need to get their foot in the door by fostering a risk-aware mindset that enables them to identify and manage risks when they’re making decisions that could affect their organization’s future.
In its article, “What’s in a Word? Risk Management Leaders as Mission Champions,” the Nonprofit Risk Management Center (NRMC)—a 501(c)(3) nonprofit organization devoted to developing risk management leaders across the charitable sector—shares this shortlist of desirable qualities and skills conducive to cultivating risk-awareness in any individual:
- Big picture thinker, explorer: capable of understanding the organization, the organization’s environment, and the organization’s risks from a holistic or interdisciplinary perspective; seeks to understand how risks and risk management initiatives to influence various external stakeholders and staff teams across the organization
- Problem solver, solution-oriented: able to guide conversations about risk concerns—which can easily turn into griping sessions—into a productive dialogue that results in multiple possible solutions and action items
- Team player, organizer: able to break down workplace barriers in order to engage diverse staff across the organization and cultivate buy-in and investment (staff time, resources) for cross-departmental risk management initiatives; demonstrates a service mindset and is willing to help and listen to team members from any department or authority level
- Positive, future-focused: demonstrates that risk management is not a backward-looking blame game, but is a way for all team members to collectively move forward and protect the organization; believes that effective risk management creates an opportunity for taking more risk-informed risks that can advance the organization’s mission
- Candid, caring: comfortable with candid dialogue and transparent risk reporting, both in sharing his or her own individual perspective and in listening and thoroughly considering myriad perspectives from team members across the organization
- Life-long learner: does not necessarily have previous risk management experience, but prioritizes risk-awareness and continuous learning; derives energy and satisfaction from risk management work, is always looking for ways to integrate risk-aware thinking into team discussions and other business practices/processes”
Learn more about risk leadership qualities and philosophies by reading NRMC’s article, “What Star Trek Taught Me about Risk Leadership.”
Roles and Responsibilities of Risk Leaders
If your team is ready to ramp up its risk management efforts, but not yet ready to hire a full-time Risk Manager or other risk leader, then start by sharing risk responsibility across an internal team or Risk Committee, perhaps relying on representatives from various departments or business functions.
NRMC recommends the following duties “as possible shared responsibilities for a risk team” in its article, “Restructuring Risk Roles:”
- Collaborates with other teams and departments in order to identify, understand and address risks
- Establishes, leads and staffs cross-functional teams and task forces formed to explore and address risk issues
- Collaborates with and supports the executive team to ensure timely and effective responses to crisis events and emergencies
- Keeps apprised of developments in the fields of risk and insurance to support the evolution of risk management practice across the organization
- Fosters a culture of safety, stewardship, and risk-awareness
- Explores and champions ways to improve policies and processes that fall within the risk team’s scope of responsibility
- Designs and conducts post-mortems for near-misses and critical incidents
- Develops and implements risk management tools, policies and practices
- Identifies ways to demonstrate the efficacy of the risk function, and how risk management ties to mission-advancement
- Develops and delivers staff training on topics that fall under the team’s scope of responsibility
Continue developing the capabilities of your risk leadership team(s) by sharing these relevant NRMC resources:
- How to Conduct a Risk Assessment
- Risk Assessment Perspectives: Re-Lens with Three Approaches
- Designing a Doable, Durable Risk Management Function and Capabilities
- The Garden of Risk Oversight: Positioning the Board to Cultivate Strategic Risk-Taking
Supercharging Risk Leadership Capabilities
Any team member can continue honing risk leadership skills by networking with and learning from risk-savvy peers at institutions with missions both similar and dissimilar to yours. Start by considering diverse perspectives shared by nonprofit risk leaders in this Q&A as well as this interview with the risk champion of a global health and development organization.
Also, explore the robust risk management resources available from NRMC. Sign up for NRMC’s weekly RISK eNews column, or review recommended reading for rising risk professionals:
No matter how you pursue the practice of risk management, remember that your job is not to predict risks, but to prepare your organization to remain resilient and deliver its mission in an uncertain world.