Tip 1: Establish a risk governance structure
Create risk or resilience steering committees that include the right level of leadership, cross-functional representatives, and subject matter experts who meet regularly with clear goals. For example:
- Agree upon important strategic risks
- Report progress or blockers toward mitigation activities
- Align on metrics and reporting deliverables.
Early workshops should focus on information sharing across disciplines, gaining alignment toward the appropriate process and risk taxonomies, scoring/assessment methodologies, and clarifying risk appetite and tolerance with executives.
Tip 2: Share risk information and insights
Implement a centralized risk management system or platform to share risk information, insights, and best practices across different risk disciplines to create awareness, collaboration, and transparency. The cross-functional design and implementation process is an excellent opportunity to identify gaps and inconsistencies as well as help identify common risks, assess their impact, and develop coordinated risk mitigation strategies.
Tip 3: Integrate risk management activities
Coordinate assessment, testing, and reporting schedules to minimize the time investment from first-line business risk owners and second-line program teams. Integration of these activities can identify workflow inefficiencies such as duplicative data collection as well as help identify and assess risks holistically, considering their potential impact on critical business processes and operations. This will also enable the prioritization of risk mitigation efforts based on their overall impact on the organization.
Tip 4: Provide training and education
Offer training and education programs across risk teams to enhance their understanding of other risk disciplines and interdependencies. The investment in education helps to break down silos by fostering a culture of collaboration and shared responsibility for risk management.
Tip 5: Senior management support
Obtain support and commitment from senior management to break down risk discipline silos. Senior-level champions should actively promote and encourage collaboration among different risk disciplines and allocate resources to support integrated risk management efforts. Given the many competing priorities, program teams should consistently reinforce the value of an integrated approach to organizational risk and resilience management to their executive teams. Program teams often proactively create a board-level slide(s) for their executive leader, highlighting key non-financial risks, progress toward remediation, and potential future investment requests.
Steve Richardson, Chief Resilience Innovation Officer, Fusion Risk Management