Long gone are the days where risk management was left to one operational person reporting through to middle management. Regardless of the industry sector, risk is best managed at the source. Current successes in Enterprise-wide risk management (ERM) show that everyone has a responsibility to understand risks within their portfolio, and to be equipped with the tools to manage them effectively. The organisational structure of major events, national and state sporting organisations, large public venues, councils and universities consist of: • Strategic risk managers • People managers and • Technical experts
Technical experts are operationally focussed and are the functional area staff who deliver goods and services. People managers are transactional focussed and look to motivate staff to accomplish these tasks. They implement corporate policy and systems and manage the technical experts. In venues these are the general managers, event managers and functional area managers. Strategic managers scan the operating environment for opportunities and threats that affect the strategic objectives of the business and that may affect shareholder value. They builds relationships with key partners and stakeholders and are politically sensitive to commercial and policy decisions. These are the CEO’s, COO’s, CFO’s, Commercial Managers and Business Development Managers.
So how does this relate to risk? If a definition of risk management under ERM are that risk represents threats and opportunities for achieving objectives then if everyone is helping the business achieve objectives then they too have a role to play in managing risk:
As Strategic Risk Managers, their roles are: • Increasing shareholder/owner value • Creating and capitalisation on growth opportunities • Governance - under the constitution, guidance principals, ethical standards, and corporate policies • Resource distribution • Strategic planning and decision-making • Business continuity (Crisis management)
As People Risk Managers, their roles are: • Compliance focus with internal policy, regulatory standards and internal risk controls • Maximising revenue • Cost minimisation • Human-factors resource allocation • Business continuity (Emergency management, Operational disruption, Crisis management) • Operational decision-making
As Technical Risk Experts, their roles are: • Technical innovation (seeking opportunities) • Compliance – With procedures and regulatory standards • Cost minimisation • Business continuity (Emergency management, Operational disruption) • Improved management systems of work
Risk is best managed at the source and an effective ERM program has everybody equipped for understanding and managing risk within their own portfolio.