Three Key Questions

Have you ever tried having a conversation with a risk practitioner about risk management concepts without using the word ‘risk’? Similarly, as a risk practitioner, have you had a conversation with a quality management practitioner without them mentioning the word ‘quality’?

One of the biggest issues we face as risk practitioners is having conversations with non-risk practitioners, especially front line people, about what we do and what we need them to do to ensure that risks, (there is that word again), are adequately identified, mitigated and monitored. Wouldn’t it be a more useful conversation to talk in terms that the front line is used to and understands? Read article 'Are you a Risk Manager?'

Front line staff know what they need to do to achieve their objectives – be it sales targets, transaction processing targets, customer satisfaction targets, quality targets, or whatever it is that they do that collectively allows the organisation to achieve its objectives. They understand their business processes and where shortcuts can be taken to ‘get things done’. They know when other staff are not following procedures – with malicious intent or not. So how do you change the risk conversation while still getting the risk management result required by the organisation? Simple! Here are some suggestions:

Number 1.pngDon’t ask a front-line manager to list their risks. Ask instead what could go wrong in their systems, people and processes that could impact on them achieving their objectives. Then ask them what they could do to reduce those things from happening, or reduce the impact on objectives if those things occurred.

Number 2.png
Ask the front-line managers what keeps them awake at night. What are they most worried about. Ask them why and what do they think they can do about those situations to make them less important.

Number 3.pngDon’t ask about control effectiveness. Ask instead whether the activities / processes that are in place are sufficient to stop them worrying about things going wrong. If they are not sufficient, is there any more that can be done that is reasonable and practical, taking into consideration financial and resource constraints? Get them to tell you what more can and should be done.


In response to the above suggestions, I am often told that the ‘risk management software’ doesn’t allow for field names to be changed, or that there is no ability to add help text and user guidance in the risk identification and assessment forms and so the change of thinking stalls.

A key feature of Protecht.ERM is the ability for our clients to create and modify forms based on the language that is relevant to their user community. They can do this without needing any IT skills or engaging a vendor to make the changes. So by using Protecht.ERM, there is no excuse in not having the right conversation with the front line in a language that they understand while still embedding the organisations risk management framework.

For more information on Protecht.ERM and how you are able to create and modify forms to suit your context, please send an email to

Download this complimentary eBook that has already been read by more than 1000 risk and compliance professionals around the world.Banner_Creating Dashboards Your Users Actually Use_Facebook_1200x600


ASIC Report Whitepaper: A Regulatory Spotlight on Non-Financial Risk

A Regulatory Spotlight on Non-Financial Risk

Download Now

Related Articles

feature image
Risk Culture Risk Management Training

Risk Management Training to Improve Your Business

As a business seeking to maximise your return on employee investment, there’s hardly a better choice than to educate staff at all levels with risk...
Read more
feature image
Enterprise Risk Management Risk Management Case Study

How the Sydney Opera House Improved Transparency and Accountability

Interview to Saira Buksh, Sydney Opera House ERPG Operations Administrator My name is Saira Buksh. I work for the Sydney Opera House and I have been...
Read more
feature image
ERM Risk Controls Risk Manager Risk Management Software Videos Webinars

Controls Assurance Webinar

Awesome Controls Assurance: The Confidence to Go Faster This event was done live on Oct.22nd 2019. Access the recording here. “The greatest potential...
Read more