By Rick Nason, PhD, CFA
Partner, RSD Solutions Inc.
Partner, RSD Solutions Inc.
In many of the corporate risk management workshops I conduct, I
generally start with two questions: (1) What is Risk? and follow that up with
(2) What is the Objective of the Risk Management function?
For the first question I often get something of the form “risk is
something bad occurring”. As readers of
my blog know, I believe this is not a great answer, but admittedly it is by far
the most common answer. (I believe that
a more useful and valuable definition of risk is “risk is the possibility that
bad or good things may happen”)
While conformity may be the norm for answering the first question,
there is generally much debate and one might even say confusion about how to
answer the second question. Some common
answers are that risk is a regulatory function (ouch!), or that risk management
is a baby-sitting function (ouch again!).
The truth is that many companies do not have a well-defined
objective for the risk management function.
Without a well-defined objective, how is the risk management function supposed
to add value? In fact one cannot even
answer the important question of whether risk management should be a cost
centre or a value centre. (I strongly
believe that for most companies that risk management should absolutely be a
value added centre.)
So the question of
truth becomes “does your risk management function have a well-defined
objective?” After all, we all know the
statement that “if you don’t know where you are going then any path will take
you there”.
No comments:
Post a Comment