Risk management consultancy and training services

Call Us:

(+61) 400 666 142


Canberra ACT 2600

Getting management to buy-in

Getting management to buy-in

Hello and welcome to this session. What we’re going to talk about today is how you get senior management support and buy-in for your risk management program. Now, of course, there are a lot of organisations out there who are doing risk management as opposed to managing risk. And what I mean by doing risk management is just doing enough to be seen, to be compliant with whatever policy or legislation or regulation as opposed to really using risk management as a tool to make risk informed decisions as I’ve spoken about on a previous blog.

If you’re senior leadership aren’t only demonstrating their commitment or aren’t only saying that they’re committed, but also demonstrating their commitment through their own leadership, then of course the risk management program is not going to make the inroads and derive the benefits to your organisation that it potentially can. So how do we convince them?

Some people or some organisations they go and say, “Well, listen, if you don’t follow- if you don’t manage risk effectively, you could end up in jail or have a $500,000 fine” which is of course the case with WHS risk and what I see then is a lot of focus around WHS risk potentially at the expense of corporate risk. It’s all well and good to have your people safe, but if you’re ignoring all the other risks, there may not be a workplace for them to be safe at.

So it’s a matter of actually looking at what’s in it for them, what are the drivers for your organisational executive? What are the drivers for the individual managers that you’ve got within the organisation and see what you can do to demonstrate that risk management is actually going to add value to those drivers. You need to be able to demonstrate to them that risk management is going to bring about better benefits for the organisation and that’s not simply just looking at past incidents that have occurred in your organisation or other organisations and saying, „Well, if we had better risk management, we would actually have stopped that.” It’s more than that. What you need to be able to demonstrate to them is there is a clear linkage between an effective risk management program and the achievement of your objectives and a better performance against KPIs or key performance indicators.

So how do you do that? Well, first and foremost, of course you need to have a performance management framework that’s effective and you need to be able to demonstrate over time that your efforts in terms of improving risk within the organisation have resulted or have contributed to a growth in effectiveness or a better outcome from the KPI. It’s not simply about saying, “Boss, if you- it says so in the legislation, you got to do this” and so dragged kicking and screaming to do risk management.

Risk management is a value, there’s no doubt about it, but what you need to be able to demonstrate is there is that value add. And if you looked at my first e-book, Demystifying Risk Management, I talk about how we measure risk management performance and that becomes a very, very strong tool in terms of convincing the senior executive of its merits. So if you haven’t already done so, I encourage you to download e-book one and e-book two which is Risk is Not a Four Letter Word, and have a look at some of the approaches around getting senior management support.

That’s all I’ve got for this particular session and as always, let’s be careful out there.

Written by Rod Farrar

Rod is an accomplished risk consultant with extensive experience in the delivery of professional consultancy services to government, corporate and not-for-profit sectors. Rod takes every opportunity available to ensure his risk management knowledge remains at the ‘cutting edge’ of the discipline. Rod’s Risk Management expertise is highly sought after as is the insight he provides in his risk management training and workshop facilitation. Rod was recognised by the Risk Management Institution of Australia as the 2016 Risk Consultant of the Year and one of the first five Certified Chief Risk Officers in Australasia.