Risk management
Risk management

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Risk management

Reporting to the board

In most organisations it is the Board of Directors who are ultimately responsible for the management of risks and they will commonly look to:

  1. ensure there is an effective system of risk management in place
  2. ensure that treatment activities are appropriate and effective
  3. ensure that the right risks are being taken and that the organisation is operating within its risk appetite.

Reporting can be done to the board as a whole but certain activities are often delegated to specific committees of the board. In general there are two approaches:

  • An audit committee looks at the effectiveness of risk systems while a separate risk committee focuses on the content of the risks and the effectiveness of the treatment activities.
  • An audit committee looks at both the effectiveness of risk systems and the content of the risks and the effectiveness of the treatment activities.
Download this video clip.Video player: Video 4 What do the Board want?
Skip transcript: Video 4 What do the Board want?

Transcript: Video 4 What do the Board want?

So a leadership team want visibility of material risks to the business. They want no surprises.
They have an accountability to the shareholders of the business that they're looking after their money. So in that regard, they're looking to make sure that they're aware of the things that could cause loss in the business, and therefore could cause loss to the shareholders, to the business's owners. And so from that perspective, they're looking for high-quality information that helps them govern the business, that helps them make the right strategic decisions on behalf of the shareholders or the owners.
Often when people think about things that might go wrong, they might be concerned about that, because they might feel that it maybe- it reflects badly on their area, and they don't want that to happen. But actually, we all want to help each other in managing risks. So it might be that if you've got, perhaps- I don't know- take an IT risk- if you're open about the IT risk, then it helps the IT team basically prioritise that and maybe sort it out.
The first thing that the leadership actually gets from it is a degree of transparency. It's good to know what I want to do. It's equally important to know what might prevent me from getting there. And this is the transparency that is being brought along by doing risk management right.
The board are there to support the business, but they can't support the business in their full capacity if they don't understand or don't be given early warning, and early enough for them to intervene and actually do what they can to support. So the boards and executives- very busy people, multiple things going on- you know, they need to have clarity, and they need to have faith and trust that they will be given- they will be cited on anything they need to be cited on early enough to do that.
So the board is there to act in the best interests of the shareholders, and increasingly, other stakeholders to the company. So the board is really interested in making sure that they have good understanding of the risks that the company faces and for them to be confident that the right actions are being taken to manage those risks in the best way possible.
I think board or a leadership team, when they're looking at risk management, are looking for similar things as to I, a risk manager, am looking for. They want to see transparency. They want to see a lack of siloed thinking. They want to see that people are taking this seriously, and actually, that people are open and honest about what they're saying. So there's no holding back the facts. There's no- I'm in a bit of a situation, but I'll sort of hold that back for a period of time to keep it going.
Within my organisation, we have a great- from the CEO downwards, frankly, it's told many, many times that we must- if we have an issue, if we have a problem, it's not a bad thing, but we need to know so we can intervene, so we can get the people or the resources with that expertise, with that experience to get involved and try and put it back on track.
End transcript: Video 4 What do the Board want?
Video 4 What do the Board want?
Interactive feature not available in single page view (see it in standard view).

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371