10 Ways to Improve Risk Management in Your Organization

Not many outside of the fields of finance and insurance study the subject of risk so extensively or know it so well. This doesn’t mean that you need a wealth of knowledge about risk or tons of experience managing it.

To manage risk well, you do have to be forward thinking. Seat-of-the-pants management doesn’t cut it, even if your organization is very small, like mine. Continually putting out fires — reacting rather than planning — is as far as one can get from risk management.


Does it seem like you’re always putting out fires? (iStockPhoto)

We need to approach risk management systematically and methodically. This means we should:

  1. Know and understand the risks our businesses face. It is wasteful, counterproductive, and pointless to worry about events that are low on the probability or impact scale. Know where your efforts will be rewarded the most and concentrate on those risks.
  2. Implement a risk management policy, making sure it aligns with our overall company policy. State your company’s greatest concerns with respect to risk and point your company in the right direction – tell them generally how you’re responding to risk and why.
  3. Develop and implement a risk management framework. Here, you go into considerably more detail than you do in your risk management policy, of course. ISO 31000 is designed to guide you through this process.
  4. Get everyone in the organization involved. Make sure risk management is part of everyone’s job. Every one of your company’s processes, no matter how trivial they might seem, has an element of risk and must, therefore, be operated with risk management in mind.
  5. Continually gather and analyze risk data. Identify, monitor, and report on anomalies and trends early. This is the era of “big data” and it’s difficult for anyone, at any given time, to say what data we need to be analyzing, so have some flexibility. If you’re tracking certain data and you discover they’re not telling you what you need, don’t stop and fret. Learn from your errors and move on.
  6. As important as corrective actions are, you’ll discover that preventive actions help you manage risks more effectively.
  7. Conduct risk audits periodically so you manage change more effectively. New types of risk surface all the time – it’s unavoidable. Inevitable, even.
  8. While you can always improve, don’t ever expect perfection. High expectations often lead to a great deal of disappointment. Your risk management framework will probably improve slowly and gradually. Oh, you might get the occasional leaps and bounds but mostly, you have to be patient and persistent. Continual and incremental improvement are what you should strive for.
  9. Don’t outsource risk management completely. What I mean is that while other companies and individuals may know quite a few things about risk management that you don’t, they don’t know your business quite as well as you do. Don’t abdicate your own responsibility to manage risk.
  10. Continually assess the fitness of your risk management framework, with an eye to making changes for the better.

Speaking of approaching risk management methodically, note that ISO 9001 can be invaluable in your risk management efforts. You don’t have to be ISO 9001 certified to use the standard. Something I mentioned earlier — preventive action, a requirement of ISO 9001 — is an excellent risk management tool, one that every business should use.

What about your organization? Are you managing risk? How?


We help small businesses improve their efficiency and effectiveness. Whether you're selling a product or a service, we'll show you how you can improve product and service quality, effectively and affordably. If you need quality, environmental, or health & safety management but can't afford a full-time manager or staff, call on Q9C and we'll pick up the slack. For information or a quote, call or write. Subscribe to the Q9C blog while you're at it.

Tagged with: , , , , ,
Posted in Risk Management

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: