What is Risk Leadership?

By Peter Young.

For the last 10 years, UST has been developing a position that has led to the 2016 launch of the “The Risk Leadership Initiative”.  As we embark with you, our broad group of stakeholders, on the next academic year, we thought it might be useful to clarify our usage of the term Risk Leadership and invite you to participate with us in extending our understanding of this challenging and changing concept.  We invite you to participate with us at UST events, in the classroom, at round-table dialogues, and on social media to explore and define what Risk Leadership means to you and your organization.  Ultimately, as a teaching organization, we seek to develop your capabilities and skills and offer you a variety of ways to continue to inform your organization and enhance your career.

We have coined the terms, Risk Leader and Risk Leadership, to make a distinction between traditional risk managers of all stripes—insurance buyers, IT security managers, financial risk managers, internal auditors, compliance specialists, etc.—and a rather new phenomenon that has arisen in recent years.  For example, most of the newer views of risk management assert that, in some sense, all managers are risk managers within the scope of their responsibilities.

Our investigation of this assertion led us to realize that while the word “management” applied to some of common understanding of managing risks (driving and protecting one’s assigned objectives), there were many situations where the scope or size of the problem required cross-silo cooperation, effective communications, and advocating for collaborative responses.  In other words, these activities required more “leadership” acumen than managerial competence.  Given this, how do we describe those farther reaching, strategic activities?   Our conclusion was that the managers were providing “Risk Leadership” to support enterprise-wide objectives.

We have also observed that top management and the board of directors play a particularly significant role in assuring that a comprehensive, strategic, and consistent approach to risk management is undertaken.  In other words, they have a role that is not properly defined as managing, but rather—risk leading by setting the “tone at the top”.

Additionally, we recognize that some type of specialized knowledge is necessary to provide effective “risk leadership”.  A common response in organizations has been hiring a high-ranking individual to provide overall coordination of all aspects of risk management within an organization. This individual may go by various titles (Chief Risk Officer is one), but we chose to refer to this highest-ranking position as the “Risk Leader”.  To be clear, all managers are risk managers and have risk leadership possibilities within their own area of responsibilities, but in part because of this dispersion of responsibilities among all employees, there has arisen a specific “Risk Leader” function within many organizations to coordinate, inspire, energize, and—well—lead on responding to risk.

That, is our current meaning when we talk about “Risk Leaders” and “Risk Leadership”.  We invite, our readers and ultimately our stakeholders, to further our explanation of 1) what risk leadership entails, 2) how managers develop the necessary skills and abilities to exercise risk leadership, and 3) what are the particular knowledge, skills, and abilities necessary to be an effective Risk Leader.

We invite you to participate in the 2017/18 UST events, courses – both traditional and online, certifications, round-table dialogues, and social media to explore and define what Risk Leadership means to you and your organization.  Please take this opportunity to get to know us by reading this issue of the Risk Leadership Initiative newsletter.  We look forward to seeing you this year! >>