Brand Building of Risk Management Department

“Your brand is created out of customer contact and the experience your customers have of you” – Stelios Haji-Ioannou, Chairman, EasyGroup

The risk management departments are sometimes perceived in negative light due to their role in the organization. The business operation teams view the risk management departments as office police, watch dogs, critics and messengers of bad news. The basic job function of the risk management departments is to:

  1. Conduct audits and reviews of business operations and identify weaknesses, non-compliance and non-adherence issues. This generally negatively impacts the business operation teams as their work is under review and shortcomings are identified.
  2. Ensure compliance to all statutory and legal requirements. This activity sometimes results in business operation team needing to adopt a longer process with more controls and/or sacrifice a specific strategy of earning profits because it contravenes laws. Here risk managers advise sacrificing profits to maintain ethics and laws, which again negates the activities of business operation teams.

The negative image causes a lot of damage to the department and team members. The following reactions of business operation teams are sometimes observed:

  1. Lack of transparency or hiding facts from risk management team.
  2. Obstructing risk management team’s participation in critical meetings and discussions.
  3. Creating political scenarios where risk management teams credibility is put in question.
  4. Ganging up or retaliating against the risk management team at a personal level.

These reactions are driven by emotions of the business operation teams. It is a scenario where the messenger of bad news gets shot. As one senior manager said to me when I was responsible for fraud investigations – “Sonia, your presence in my office indicates to me big time trouble, so I can’t say I am happy to see you. However, as there is trouble and I know it is you who is handling it, it gives me a level of confidence that it will be handled efficiently.” This statement basically indicates the sentiments of most professionals when they see a risk manager in their office. Sometimes the views are so clouded that a risk manager’s professional job and personal personality are considered one, and they are viewed as being critical, ruthless, rude, etc. in personal life.  

These negative emotions build resistance to the risk management department and their work is made more difficult. The need of the hour is for the risk management department to focus on building a positive brand image. The following process should be adopted for building a brand of the risk management department.

1)   Vision & Mission of Risk Management Department

The risk management department needs to position themselves such, that stakeholders and customers view them as value adding agents. The vision and mission statement should be communicated to all the stakeholders and customers to ensure that same message is received by all. This can be done by putting up on the company intranet in text and video. Mass newsletters and emails can be used to convey the message.

2)   Understand customer requirements

The risk management department should do some internal selling to build awareness that business operation teams will benefit from associating and involving them. Organization surveys, group forums and one-to-one in-depth interviews should be conducted of the business operation teams. The purpose should be to understand their requirements from the risk management teams, and their positive/ negative emotions regarding various aspects of risk management. The business strategies and operations should be understood along with personal aspirations of the team.

With this information the risk management team should conceptualize and discuss a method by which they can hand hold the business operation teams in achieving their goals with complete compliance to legal requirements.

3)   Build trust and credibility

The risk management department at some level is viewed with fear and apprehension by the business operation teams. The perception is that the negative points highlighted in the reports will be used as political ammunition to harm the business operation managers. This creates an environment of distrust.

In a risk management department trust is the key component of its reputation. A risk management department perceived as unethical, political and self-serving can damage not only the department but also the organization.

The risk management team needs to first focus on building a non-political independent image which is for the benefit of the organization. Few aspects need to be ensured:

  • Reports issued focus on process shortcomings and are not person specific.
  • CXO’s and other managers do not use the reports to settle their personal political agendas.
  • Develop relationships at all levels of the organization to address employee concerns regarding the reports and their impact.
  • Ensure transparency in the process and obtain buy-in of the business operation teams on the recommendations and way forward.

In nutshell, the department should always be perceived as following the high moral ground and using ethical means to manage issues.

4)   Focus on the bigger picture

The image of risk managers is that they are focused on nitpicking and make mountains out of mole hills. The other aspect is that they do not appear at the CXO radar since the observations are immaterial from the CXO’s standpoint of business. This image is basically formed as the risk management departments are focused on transaction audits.

The risk management department needs to develop a strategic focus and understanding of the business. They need to involve themselves at the point of strategy formation and provide viewpoints for increasing shareholder value while minimizing risks.

The present day organizational challenge is to build a healthy work culture. Risk managers can be key drivers for building an ethical and constructive work culture. They need to develop the core values of the organization and work with organization behavior change management team with human resources department to build a uniform culture throughout the organization.

5)   Reward and recognize accomplishments

The next negative viewpoint of the risk management department is that it is viewed as a department which dishes out the punishments with a stick in hand. People suffer emotionally from the criticism and the management actions taken for implementing the recommendations.

Here the risk management department needs to bring an attitudinal shift in business operation teams. The good things about their operations and positive compliance should be recognized and rewarded.

The risk management department can initiate a formal recognition and reward system with the help of human resources department. The criteria for achieving the key performance indicators should be communicated to the operations team. In some manner a competition can also be set up to check on the awareness of risk management practices and adherence to the same.

Last but not the least, the reports submitted should provide a balanced view. For example, if 20 internal controls checks have been done, and 5 are considered weak. The report should indicate that 15 internal controls are good and only 5 are weak.

To summarize, risk management department to build a positive image needs to ensure that the business operation team experiences with them are favorable and perceived in positive light. They should take care that they are not perceived as selling negative services.

Welcome your opinion on building a positive brand.

20 comments on “Brand Building of Risk Management Department

  1. Pingback: Brand Building of Risk Management Department « Sonia Jaspal's Blog « Harrington Fundraising

  2. Pingback: Brand Building of Risk Management Department « Sonia Jaspal's Blog « Politics And Funds

  3. Pingback: Political Fund Consultant » Blog Archive » Brand Building of Risk Management Department « Sonia Jaspal's Blog

  4. Pingback: Political Campaign Expert » Blog Archive » Brand Building of Risk Management Department « Sonia Jaspal's Blog

  5. Pingback: Tweets that mention Brand Building of Risk Management Department « Sonia Jaspal's Blog --

  6. Sonia – Great post.

    In my experience, what helped to establish a good “internal branding” of the risk management department has been to go slightly beyond observing inadequacies, failures and risks in some areas. When the Risk manager also gives some ideas of how things SHOULD be, and, even better, points into the direction of HOW to address the issue, then it helps greatly.

    Very often the “offender” is not aware that they are doing something “wrong”. Getting an idea of what he/she could do to correct things not only soften the blows, but gives a lot more value to the risk assessment – and positions the Risk manager as a value-added partner who is there to help avoid potential problems in the future.

    The relationship of trust is then established, and becomes a win-win partnership.

    • Sandrine,

      Thanks for the compliment. You are absolutely right, a risk manager now needs to fulfill the role of a friend, advisor and mentor besides the regular auditor. It is difficult to wear so many hats, so the risk manager gets typecast in one.


  7. Pingback: Preparing Annual Risk Management Strategy « Sonia Jaspal's RiskBoard

  8. When I read a good blog post I do some things:1.Forward it to all the close contacts.2.keep it in all of the common social sharing sites.3.Make sure to return to the same website where I read the article.After reading this article I am seriously concidering doing all of them.

  9. Pingback: pictures of grouse | Xtreme Duck Hunting

  10. Pingback: Happy 2011 « Sonia Jaspal's RiskBoard

  11. Pingback: Preparing Annual Risk Management Strategy

  12. Pingback: Preparing Annual Risk Management Strategy « Information Systems Security Officer

  13. Pingback: It Risk Management » Blog Archive » Preparing Annual Risk Management Strategy

  14. Pingback: Fraud Risk Policy

  15. Pingback: Images of a Chief Risk Officer « Sonia Jaspal's RiskBoard

  16. Pingback: Risk Dashboard | Dashboard Light

Comments are closed.