Risk Management Revisited – Why Risk Management is more important than ever
The business landscape has certainly developed since our 2013 article on ‘why risk management is important in an organisation’, yet to this day it remains one of our most popular resources. With businesses shifting digital, and data breaches and cyber threats proving costly to organisation’s bottom line and reputation, the relevance of Risk Management has only heightened and with it a need for an article update.
The entire nature of the risk discipline has evolved over the past five years allowing Risk Management to transform from a once tack-on function. No longer is it an individual, narrow sector but rather an interdisciplinary field that requires an all-inclusive, integrated approach. The challenge of Risk Management today is allowing it to have this all-inclusive approach without it becoming a 'check the box' regulatory exercise. Rather shifting from an 'us vs. them' mentality to just 'us'.
Top risk concerns have also developed, whilst 2013 risks centred around political uncertainty along with recruiting and retention challenges, todays risks include cybersecurity, crisis response, digitalisation and regulatory changes at the top of the list. In response, Risk Management has gone from a reactive and independent function, to one that is at the forefront of strategic decision-making, integrating its own best practices and standards.
This growing prominence means Risk Managers need to understand beyond business-related operations, to how these operations sit in the whole picture. This means success is also dependant on how Risk Mangers foster relationships and incorporate all business units.
The growth in Risk Management within cybersecurity and IT is exponential with the term ‘Technology Risk’ a heavily featured requirement in today’s risk jobs. Integrated cybersecurity and Risk Management strategies are required to meet today’s challenges and efficiently manage overall risks. EY is one company to pioneer this progress – their “fully integrated and globally connected teams create a single all-encompassing vision for managing cyber security risk”. Deloitte and other firms have adopted similar integration strategies.
Risk Management qualifications have remained relatively similar as most jobs have a minimum requirement of a bachelor’s degree. Risk Management degrees are becoming increasingly common; however, a business studies, economics, law, management or finance degrees are all suitable. Salaries average at £56,500 per annum with roles being typically well-paid and well-respected. Along with improved salaries, career development opportunities have severely improved.
If considering a step into Risk Management now is the time with entry level positions typically involving a high rotation around market, operational and credit risk strands. Risk Analyst roles are also another entry level opportunity.
Overall, Risk Management is now a tool to aiding businesses to achieve objectives rather than identifying and managing risks (which remains equally crucial). Risk Management is no longer a standalone function.