Many people seem unsure of what I mean when I talk about Risk Management (RM). So what is it?
It is simply the management of risk. As life is full of risks, we all manage them: sometimes consciously, sometimes not; sometimes well, sometimes badly. What is needed is a planned, deliberate approach, resulting in written evidence of how each of your risks is managed.
Above all please note these three things that it is NOT:
1) RM is not another name for Insurance. The world was full of risks from the start: insurance has been around for only a few hundred years. Not all risks are insurable, but they all need to be managed. It is better to prevent the fire, accident or other loss than to receive an insurance payment after the event.
2) RM is not another name for Health & Safety. There are many kinds of risk: property, financial, reputational, environmental, physical, cyber, and business. Health & Safety deals with only one kind. An essential element in good risk management is the balancing of one risk with another, e.g. the risk of a car crash versus the risk of being robbed on the Underground.
3) RM is not a fancy name for Common Sense. If only sense were so common! It is true that good managers have often managed risks successfully without using that term, but there is a danger of overlooking something potentially serious but not obvious. You also need to write down your informal assessment of risk for the benefit of others who may not have your “common” sense.
I will be blogging again soon about what risk management consultants do in more detail.