Transforming Risk Culture: Lessons from Experts

Incorporating Risk Management into Organizational Decision-Making

Risk culture within an organization is pivotal. A positive risk culture integrates risk analysis in decision-making, aligns it with business goals, and ensures a uniform understanding of risk management across the board. Conversely, a negative risk culture can lead to poor decisions, view risk management as an obstacle, and depend on outdated risk tools, failing to foresee emerging opportunities.

Back to Basics: Establishing a Risk Management Framework

Tom Hughes, head of risk and financial crime at SimplyHealth, emphasizes the importance of starting from scratch in less mature organizations. This involves resetting the risk management framework and transitioning mindsets to actively manage risks. Key strategies include building strong relationships, developing a clear taxonomy of risk, and using risk simulations linked to corporate objectives to dismantle silos and encourage risk-aware thinking.

Claire Hopper, international sales engineer at Riskonnect, underscores the need for a common risk language, essential for gathering comprehensive risk data. This includes educating new employees with a glossary of terms and utilizing collected data to identify emerging risks and assess the cost-effectiveness of control measures.

Financial Incentives and Board Engagement

Alex Sidorenko, head of risk at Serra Verde, points out that financial incentives are crucial for gaining top-level support. Demonstrating how risk management can reduce insurance premiums can be an effective way to secure board buy-in.

Hopper also stresses showing the upside of risk management, highlighting how it can leverage business opportunities. This approach can be more appealing to the board, often preoccupied with financial implications.

Building Stakeholder Relationships

Hughes suggests mapping stakeholders to tailor risk management strategies effectively. Understanding their attitudes, motivations, and technological proficiency helps in fostering better relationships, especially with those initially resistant to change.

Informal Engagement and Organizational Involvement

Sidorenko shares an innovative approach of using casual settings, like pizza nights or table tennis tournaments, to engage department heads in risk discussions. This helps in understanding their risk perceptions in a less formal environment.

Hughes notes the importance of involving every employee in risk management by integrating risk-based objectives in their development plans. This aligns individual responsibilities with the organization’s strategic goals, emphasizing everyone’s role in managing risk.

The Results of a Positive Risk Culture

A well-established risk culture transforms the risk management team into a commercial enabler. It aligns activities with strategic goals and removes obstacles to success. In a robust risk culture, employees proactively seek the risk team’s expertise for risk quantification and analysis before significant decisions.

Hughes recounts how this approach led to the identification of a critical risk in a solar generation subsidiary, which, upon analysis, prompted a legislative change, thereby saving the company from bankruptcy.

Continuous Learning and Adaptation

Hopper concludes by highlighting the importance of continuous training and adaptation in risk management. It’s essential to regularly educate new employees and adapt to changing environmental impacts. Ensuring that everyone understands the organization’s objectives and risk terminology is crucial for effective risk management.


Transforming an organization’s risk culture is a multifaceted process involving redefining the risk management framework, engaging stakeholders at all levels, and continually adapting to new challenges.

Like this article?

Share on Facebook
Share on LinkedIn
Share on XING

Talk to an Expert

"*" indicates required fields

Are you looking for support?

If you're looking for product support, please login to our support center by clicking here.

First, what's your name?*
This field is for validation purposes and should be left unchanged.

Submit a Pricing Request

"*" indicates required fields

First, what's your name?*
This field is for validation purposes and should be left unchanged.

Submit an RFP Request

"*" indicates required fields

First, what's your name?*
Which solution does your RFP require a response on?*
Drop files here or
Accepted file types: pdf, doc, docx, Max. file size: 1 MB, Max. files: 4.
    This field is for validation purposes and should be left unchanged.

    GDPR Cookie Consent with Real Cookie Banner Skip to content