First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

Two words to transform discussions of risk management: risk to objectives

This post discusses risk to objectives in terms of risk management.

risk to objectivesI have written extensively about the disconnect between risk practitioners and executives when it comes to risk management.

I have urged practitioners to:

  1. Use the language of the business instead of risk techno-babble;
  2. Try to stop using the R word entirely! Try to talk instead about what might happen, is that OK, and what are we going to do about it?; and
  3. Focus on enabling intelligent and informed decision-making rather than a periodic list of risks (enterprise list management)

Now I have a new suggestion.

If you have to use the R word, add two more.

Instead of talking about risk, talk about risk to objectives.

Review of a list of risks to objectives and consider how much risk to objectives you are willing to take.

If you have to talk about risk appetite, talk instead about the appetite for risk to objectives.

Those simple two words make you focus, not on risk for its own sake, but how enterprise objectives might be affected.

Which objectives are “at risk”? Be specific if you want to drive the necessary actions.

Are you more or less likely to achieve them? Is that OK?

It’s not about managing risk – it’s about achieving objectives.

What do you think?

Would this improve the discussion?

It’s a simple thought but I think it can make a huge difference.

Do you agree?

Follow me

Norman D. Marks, CPA, CRMA

Norman D. Marks is an Author, Evangelist and Mentor for Better Run Business, as well as an OCEG Fellow and Honorary Fellow of the Institute of Risk Management. Mr. Marks has been a practitioner and thought leader in internal audit, risk management, and governance for a long time. He has led large and small internal audit departments, been a Chief Risk Officer and Chief Compliance Officer, and managed IT Security and governance functions. Read more
Follow me
Send to Kindle

, , , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.