Risk Management professionals recommend that businesses have three lines of defence against their risks.  These are:

  1. The individual manager.
  2. Risk Managers, Inspectors, Health and Safety Officers and similar advisors within the business.
  3. Independent persons such as auditors and non-executive directors.


What if you cannot achieve this?  What if you are the only line of defence in your business?

Then it is all the more important that that one line is robust.  You need to be sure you are managing your risks actively.  Perhaps you cannot afford a full-time risk manager, but what about using the services of an external one, at least once a year, just to give you an independent view?  Or how about getting someone in your business trained in Risk Management?