Soft Skill Trainings for Risk Managers

Risk management courses and trainings are generally geared towards imparting technical knowledge to risk managers. The technical trainings educate the participants regarding methodologies for conducting various risk reviews, audits and assessments. This is definitely a requirement for risk managers to be able to do their jobs effectively. However, risk managers need a number of soft skills to be successful in their jobs.  There is limited focus on equipping risk managers with soft skills to manage their jobs successfully.

Listed below are five critical soft skills which a risk manager requires for conducting his/her job. The risk manager’s role is different from a business manager’s role. Hence, the nature and degree a skill is required, is dependent on the job function. I have described below some bits of a risk managers’ role to emphasize the requirement of these skills.

1.    Interviewing Skills

A risk manager to do an audit, review or assessment needs to understand the business processes, requirements and criticality. For this, he interviews the business managers to obtain the required information. In some cases, interview questionnaires are issued to business managers. The risk manager need skills to draft questions assimilate and analyze information. The deliverables of the project is significantly dependent of the quality of interview conducted.  For example, in a fraud investigation, suspects and eye witnesses are interviewed to gather evidence. In such a case, it is critical for a fraud investigator to have good interviewing skills.

A formal training should be provided to risk managers to develop their interviewing skills. This would significantly improve the quality of work submitted by them.

2.    Managing Virtual Teams

As business complexity is increasing, a risk manager has to work mostly with virtual teams. Risk management projects involve managing business operation team members from multiple business units and locations. For example, for conducting a fraud investigation, an investigator needs to work with business operation teams to understand the process, identify the weaknesses, and interview the suspects. In normal investigation, a fraud investigator’s project team will consist of managers from different departments – information technology, business operation, human resources. These may also be from different locations depending on the locations the process is impacted. Since risk management is a staff role, the risk manager has no formal authority on these resources,

This clearly outlines the need for risk managers to work with virtual teams. They need to procure talent from different functions and locations to execute the project effectively. As a staff function, they do not have any authority on the resources, hence the intricacies of managing the team increase. Lastly, some of the projects are for short periods, so risk managers need to assimilate the team and make it productive in a short period.

3.     Communicating Bad News

Employees do not like delivering bad news to their bosses as their survival and well-being is dependent of favorable opinion of their boss. The fear is that messenger of the bad news will get shot.

In normal course of business, a risk manager is required to report on shortcomings of the business operations and in crises situations (example: financial fraud, data thefts, physical security breach, fire etc.) extremely bad news to the management and employees. In such situations, a risk manager should effectively deal with the negative emotions of the receiver of the news, and control his/her own emotional reaction while delivering bad news.  

Considering this aspect, the risk managers’ require training on delivering bad news through verbal and written communication. They need to be trained to communicate factually correct negative and bad news with empathy, sensitivity and briefly. They should be trained to deal with negative situations and people reactions with emotional intelligence.

4.       Constructive Confrontation

Most employees like to avoid disagreements, confrontations and conflict in professional life. Secondly, conflict resolution is sometimes achieved through brute force and might is right tactics, with the senior generally winning. In such cases, the right cause and principle is sacrificed.

The risk managers’ job is to find problems and raise the contentious issues to the concerned business managers. In a few cases, these results in business managers reacting emotionally, taking the criticism personally instead of considering it a procedural or process issue, and thus creating a lot of political turbulence within the organization. Despite these factors, to be effective a risk manager needs to hold his/her ground and raise the problematic issues repeatedly.

The risk managers require training in constructive confrontation and on how to build a culture of constructive confrontation. Constructive confrontation teaches the techniques of asking difficult questions which might be challenging the seniors’ decisions and ideas. The risk managers also need mediation and arbitration skills to manage conflicts.

5.       Managing from the Middle

A risk management department is small in number and financial budgets, however holds significant power due to their impact on the overall organization. Risk managers are visible in the organization as their reports are submitted to the senior managers and circulated to the middle and junior managers.

The risk managers’ position and role creates sensitive political situations in the organization. They need to manage the expectations of senior management and guide the juniors. A line manager of similar rank may need to manage his/her team and boss and super boss daily . However, for a risk manager the numbers multiply by organization size and complexity.

Considering this aspect of risk managers’ role, it is essential that they are trained to manage from the middle. They require extensive influencing and persuasion skills to be effective. This skill facilitates them in managing the political situations sensitively.


Risk managers’ role is becoming complex due to the changing economic scenario, globalization and advancement in technology. To be effective, besides have a firm grasp on regulations, laws, and risk management techniques, they require extensive training in soft skills. Success of risk management department is very much dependent of the soft sills of the risk managers. Hence, heads of risk management departments should find the soft skill gaps in their team members and provide the required training.  The soft skill training module should be incorporated in the annual training plan.

13 comments on “Soft Skill Trainings for Risk Managers

  1. Your point about communicating bad news is very true. I have been in several organizations where nobody wanted to even whisper (let alone shout) that the emperor has no clothes! This has led to significant costs to the company in the long run, but of course in the short term no one gets hurt – neither the employee nor the management. Sometimes the real culprits get away even in the long term because they change departments or leave the company.

    Much of this is probably due to the cultural education imparted at a very young age, when no one is allowed to question authority figures. Obviously this behavior (at least from my experience) is more common in Asian – Indian, Chinese, Japanese, Middle eastern etc, cultures than in some western ones. However western cultures have their own weaknesses which allow the same problem to exist – we can talk about this on another blog!

    • Bala,

      Thanks for reading the blog. I agree with you that this is basically a cultural issue and depends on how a child is raised. I am reading Richard Branson’s autobiography. In it he has explained that in 1960/70’s nearly every British boy was sent to hostel at age of 8. In the hostels the kids were beaten up for the slightest fault. Even parents punished the child for disciplining, it was more of kids are seen and not heard. I never understood the context of the hippie culture in the west during those days. Now reading his biography it is quite clear. A child if raised under such strict discipline ( which in present context amounts to child abuse) is either going to become a rebel or be absolutely docile to authority.

      Secondly, a person raised in such culture will not be able to accept criticism from a younger person, as it will be considered the younger is disrespectful or audacious. So I think this is definitely a very complex issue to deal with, whether one considers eastern or western cultures. It is also a generational issue. Baby boomers never criticised their parents or seniors (hence, they can’t accept the same), Gen X were not outright rebellious but did debate with parents and seniors to put their points accross (hence, they are open to discussions) and Gen Y consider it their right to have negative opinion and share it ( so they take criticism in their stride). With social media we have to live in Gen Y world, where every person can comment on another person. So some readjusting of thinking and attitudes is required for survival.


  2. I have worked with several virtual and global teams focusing on risk management. A huge challenge for them is finding the right balance of control and trust, the work tends to lead us into high control areas and ideas but effective virtual teams require trust to perform.

    More control undermines trust but is usual the solution that regulators, politicians and risk professionals prefer. in people management we need to find ways to encourage empowerment and trust and real control comes from empowered and responsible people, otherwise Sarbanes Oxley and all the other many regulations would have worked last time!

    • Kevan,

      Thanks for reading my blog. I agree with your viewpoint completely. In risk management unless the business operations team are empowered and trusted, they will fail. We need to start applying collective intelligence to empower and trust them.

      Kind regards,


  3. Pingback: Key Performance Indicators for GRC Departments « Sonia Jaspal's RiskBoard

  4. Pingback: 10 Steps for Restructuring Risk Management Function « Sonia Jaspal's RiskBoard

  5. Pingback: project management

  6. Pingback: types of technology

  7. Pingback: Storytelling for Risk Managers « Sonia Jaspal's RiskBoard

  8. Pingback: Risk Management Induction Training to Business Teams « Sonia Jaspal's RiskBoard

  9. Pingback: Creativity @ Risk « Sonia Jaspal's RiskBoard

  10. Pingback: Program Change Management Risks « Sonia Jaspal's RiskBoard

  11. Pingback: c interview questions

Comments are closed.