Skip to content
Skip to main content

About this free course

Download this course

Share this free course

Risk management
Risk management

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

3 Risk ownership in a matrix business

As discussed previously, many businesses today operate a matrix structure. Put simply, this means that the typical employee has two reporting lines: one to the business unit in which they work and another into the function to which they belong.

Download this video clip.Video player: Video 3 Matrix structure
Copy this transcript to the clipboard
Print this transcript
Show transcript|Hide transcript
Video 3 Matrix structure
Interactive feature not available in single page view (see it in standard view).

Businesses that operate in such a fashion need to design their risk systems carefully to avoid duplication of effort or, potentially worse, a situation where no one feels accountable for managing a risk because it is always someone else’s job.

The typical approach to avoid these issues is as follows:

  • Risks are owned by the part of the organisation that suffers the consequences (or gets the benefit) from the risk. This will typically be a business unit.
  • This does, however, leave one remaining issue: how to deal with risks that occur from the same root cause (e.g. failure of a common IT system) that impacts more than one business unit?
  • Here functions can play a key role. By aggregating the impact of the common root cause across multiple business units, risks can be properly assessed and prioritised accordingly.
  • Functions have a role in breaking down silos. As discussed earlier the company management team often see across multiple business units and as such are well placed to identify hidden risks (often risks identified by one business unit but not by another), setting standards for managing certain types of risks (e.g. safety and compliance risks) and sharing best practice.