COVID-19 has shown the importance of running effective, efficient and flexible business operations and risk management practices. Whilst the pandemic is sadly not over and increasingly rife in countries such as Brazil and India, valuable lessons have and are being learned.

Building good risk management into everything you do should be paramount. Don’t see risk as something that sits elsewhere in the organisation, perhaps in a team labelled ‘risk management’. At work, I expect all my colleagues to talk about the risks in whatever they do, whether it is developing strategy, thinking about an acquisition, looking at building the talent in our organisation or going about their day-to-day jobs.

It is impossible to prepare for every eventuality and very few organisations will have been prepared specifically for COVID. However, organisations can prepare for business disruption and set up structures such as incident management teams that allow them to react quickly to unfolding events. Investing in data sources to keep abreast of changing circumstances is also an important part of risk management. Investing in ensuring you have a culture within your organisation which means you are aware of and discuss risks that face you, you plan appropriate mitigation, you set indicators so you can see risks unfolding and you are ready to react should things go wrong: these are all worthwhile investments which don’t require you to plan for every specific risk that may impact you.

In a survey carried out by the Institute early in the crisis, we found that 32% of organisations surveyed had not considered pandemic risk or anything similar before it happened. Of those organisations, the same percentage had not planned what to do should that hit. One fifth of organisations who considered pandemic risk didn’t then do anything about it.

I think that, as lessons are learned, we will find that the organisations that coped best with the crisis were those which were able to react quickly to unfolding uncertain circumstances and I think there will be a high correlation between those organisations and those that had prepared for similar eventualities. Wargaming unrelated scenarios can help get an organisation’s DNA to a place where it improves its capability to respond to unforeseen events.

We mustn’t allow the magnitude of the current crisis to obscure the other major (and interconnected) risks that we all face. We still need to tackle climate change, cyber risk, supply chain disruption, economic and geopolitical volatility, to mention just a few. The IRM, the IOR and our wider global risk management community stand ready and confident to lead the response.

My advice to anyone thinking of a career in risk or developing their staff is that there is huge value in studying the subject. Having a solid grounding in the principles and practices of risk management will pay dividends in helping your organisation understand and manage its risks. I would also say that change is a constant, so build personal resilience to deal with and, if possible, lead that change. Finally, build your own networks. This will help you navigate change and be effective in work but it will also help combat any feelings of isolation you may have during difficult, turbulent times.

Good risk management is a competitive advantage for organisations but also for individuals and there’s never been a better time for organisations to invest in their staff. The IRM’s enrolment period for our December exams closes on the 31st May. All our qualifications are available via online supported distance learning and are relevant to any organisation, in any sector globally.


This article was published in the May-June 2021 issue of CIR Magazine.

Download as a PDF


Misplaced your login for magazine content? Request a reminder.

Share Story: