Rod’s Rant –Use professional experts in risk management not ‘fill ins’
This is not just written because I provide training in risk management – well okay – just a little bit. But for me people not appropriately skilled or qualified to take on the responsibilities associated with risk management, is certainly a frustration of mine, and dare I say it, a risk!
Quite often it seems cost-effective to ‘appoint’ someone as the ‘risk manager’ despite that person not being appropriately qualified. In fact, I have come across the odd multi-million dollar project in which the so-called ‘risk manager’ (often a consultant) has merely read a book the week before – oh dear.
Just because you have engaged someone (member of staff or consultant) that considers themselves a risk expert does not mean they know what they are doing!
Hiring staff or engaging consultants into an organisation to fulfil risk management roles with no qualifications, in the management of risk, will result in risk management outcomes that are, at best, questionable or, at worst, leave the organisation totally exposed to unacceptable consequences that arise from risks that remain untreated.
What fascinates me is that no organisation would engage an unqualified accountant. No organisation would engage an engineer that wasn’t qualified and certified. No organisation would engage an auditor that wasn’t qualified and certified.
We need the risk management profession to be just that – a profession. Using a person who ‘fills in’ as a risk manager or just takes on the role is so flawed and so risky. Organisations should employ people who live and breathe risk management, aspire to do risk management professionally to gain the long-term skill-set that gives your organisation a sustainable and long-term risk management plan and strategy.
So, my question is this: do we think so little of risk management as a discipline in our organisation that we are willing to put people in risk management positions who are not qualified, or engage consultants that are not qualified? When was the last time you saw a Chief Finance Officer that didn’t have an accounting or finance background? When was the last time you saw a Chief Information Officer that doesn’t have an IT background?
So, the takeaway here is simple: there are risk management qualifications available so get your staff qualified and certified and, when hiring a consulting firm to assist you in developing your risk management program, insist that their consultants are trained and certified. In that way we can build a profession that is truly professional.
More information on my courses is available at: https://paladinrisk.com.au/training-services/