Risk managers of the future must be experts across multiple disciplines. Sanjeev Marwaha, a senior risk director in the sustainable technology industry, shares his top strategies for adapting to the new world of risk

1. What are the key skills that modern risk managers need to manage multidisciplinary risk?

There are a number of key skills and attributes modern risk managers need to be mindful of.

technology risk manager

 

A typical ERM professional has to start developing a greater understanding of a variety of topics depending on their organisation and sector.

No longer can you be dependent on technical risk management skills. You really need a strong grasp on strategy and accompanying management processes, how the bigger picture fits together, and how risk-based logic or thinking can help inform the right strategic decisions.

Understanding strategy is key here, to ensure that ERM members are always mindful of whether their role fits into supporting the bigger picture.

Next is understanding what strategic choices the company intends to make. For example, if it needs to expand and enter new markets, or undertake large-scale capital projects or acquisitions – understanding those processes well enough to be able to tailor your work to fit into such lifecycles is key to ensuring the modern-day risk professional is playing a business support role in executing strategy.

“In essence, it comes to finding a way to focus the majority of your efforts on what the company is trying to become and tailoring your work to that area”

In one global company [I worked for] there was a growth strategy, so my focus was on ensuring that it had risk integrated into its project and acquisition lifecycles and deployed dedicated resources in that area.

In essence, it comes to finding a way to focus the majority of your efforts on what the company is trying to become and tailoring your work to that area by developing a specialist understanding where possible.

In addition, understanding your first line is critical if you want to ensure you create the right outcomes for the company and connect better with the business. The need to have the ability to influence and make an impact is already known, but many of the things mentioned will heighten this and help with credibility.

2. How can risk managers juggle the multitude of competing risks, ensuring they give each enough attention?

This often boils down to which risks can have the greatest strategic impact on the company.

In many cases, you will have in-house experts in cyber risk or for capital-intensive companies – safety experts. In such cases, you will have more of a collaborative approach.

But for areas of the company where there won’t be a dedicated employee with a risk-based role (for example Joint Venture Partnerships or R&D), understanding and looking for opportunities to help elevate their local processes and adding risk-based component to them is essential for demonstrating value.

It also helps move perceptions away from a function that is there for oversight to a function that is a solution provider and differentiator for company success.

3. For risk managers looking to become more interdisciplinary, how do you recommend they go about building those skills?

Never stop studying, researching, or learning in every role you take.

If your company is now focusing more on ESG or climate-related targets, there are plenty of standards to get familiar with and specific risk approaches that you can adapt and tailor for adoption for your organisation – you just have to be creative and you need a disciplined mentality for this too.

“Never stop studying, researching, or learning in every role you take.”

If your company is focusing on IT/business transformation then learning more about change management or certain project methodologies is helpful to keep you up to speed.

If your company is going to adopt AI, look into the latest standards (I know they are evolving!) and relevant training to help the company do a readiness and business change impact assessment.

I wouldn’t just focus on the latest risk trend but also make sure you understand what the focus is in your organisation.

4. Lots of risks that are now high on the risk manager agenda also sit within other company departments (e.g. people risk, ESG, cyber). How can risk managers break down barriers and work effectively with other teams?

Sometimes, you will see some differences in approaches but that’s because the context is different. There are a few things I have found helpful to avoid a turf war, and show you are there to help.

Try to understand whether that specific risk specialism is facing challenges with implementation or getting the buy-in they need.

Strong ERM functions can help these teams get the support needed by helping them frame things from a bigger-picture perspective – which can be difficult at times for risk specialisms.

“It is ERM that has a seat at the table and can help positively influence to get those difficult messages across.”

In addition, bring tools such as risk quantification or developing leading indicators to show a more data-driven justification of risk trends but also to drive conservations around preferred vs exhibited risk-taking philosophies to highlight where discrepancies may be in policies or general decision-making.

It is important that ERM teams work with these risk specialisms closely as they will have expert knowledge in their fields. For most mature organisations, it is ERM that has a seat at the table and can help positively influence to get those difficult messages across.