I was asked by the Chairman of a very large listed company a very straightforward question, “What is a good risk manager and what do they do?”. Here’s what I thought he wanted to hear.
My answer went along the lines of:
“A good risk manager does not manage risks. A good risk manager helps others to identify and understand the risks they might face. A good risk manager will then look for ways to help others to take actions that allow informed decision to be made, with some degree of confidence”.
I could hear the lecturers from my Masters degree course applauding, I could hear my esteemed associates in the risk management institutions murmuring their support and I could hear the CEO, director and entrepreneur inside my head screaming “Shut Up You Big, Fat, Fraud. You don’t think that for a minute!”.
I could see his eyes literally glossing over as my words drifted into his left ear and out of his right on the breeze. He seemed happy enough and used to this kind of answer, which I found more distressing than if he’s stood up and slapped me squarely on the chops for wasting his time.
I have to say that, I am in the very, very, fortunate position where I would like the work on offer rather than desperately need it. That probably allows me some freedom that many people don’t have. Having said that, Board advisory is very nice work and opens many doors.
So, without further ado, I stopped and said from the heart “I’m sorry, I didn’t really mean much of what I just said”. He raised his eyebrow, and in true Chairman style, allowed me to continue without another word. It was now time to stand up and be counted.
I said “the vast majority of risk mangers simply run around trying to understand and make decisions or recommendations on complex issues that are beyond their capability and training. They have no clear boundaries in which to work. They are not well liked by the business, they’re seen as a necessary evil to appease the Board, that eat up valuable management time and resources. Every day we point the finger at them for poor outcomes and disasters that they had almost no control over. I’ve even heard them called, in my opinion, somewhat unfairly, the business prevention squad”.
I could see a few nods but not much more. So I continued…
“A good risk manager is someone who is practised in the art of asking the hard questions and actually listening to the answers. People that aren’t afraid to look dumb and repeat a question when they don’t understand something, rather than lose face by asking something silly. The best risk managers in my opinion, are business people that ask powerful questions that reveal facts and can make clear decisions. A good risk manager is willing to take some risks and still allow themselves to have gut feelings. They don’t try to manage everything.”
Now, I’d like to say the esteemed Chairman jumped up, had an epiphany moment and signed my engagement letter, that was not the case. He was experienced in the art of giving nothing away. All part of the game.
So I simply asked “when can we start the engagement?”. I’ve learned to be a bit more presumptive, in my latter years.
His answer was short and sweet. “You already did, we can talk dollars later, I’d like you to come and meet the MD, you’re first answer would probably have got you the gig but the second one kept it”.
He was looking for someone who understands risk but doesn’t fear it. He didn’t want a risk zealot. He wanted someone prepared to roll up their sleeves and get to the bottom of things on his behalf but do so with a commercial sense. After all, it’s his backside on the line when the results are announced.
Tags: Board Advisory, CEO, Chairman, Commercial, Director, Fraud, Good Risk Manager, Identify Risk, Risk, Risk Management, Risk Manager
What do you think makes a good risk manager? Do you know your own risk profile? Are you a risk taker or are you risk averse? Would you like our help with any of the analysing your strategic risks and opportunities? Please call on +61 2 9258 1972 or go to our Contact page.