Risk awareness hasn’t always had a good press. Sadly, the Health & Safety Executive (HSE) appear to have dropped the myth busters section of their website as that gave some great examples of incorrect pronouncements in the name of health and safety. But it is probably fair to say that over the years some practices have been unfairly labelled with the health and safety or risk label when they might better have been called ‘jobs worth’ or ‘can’t be bothered.’
That’s not to say that risk should be ignored. Statistics show that an emphasis on health and safety practices has led to a reduction in work injuries. According to the HSE, in the year 2000/01 there were 3,980 non-fatal injuries per one hundred thousand workers. By 2020/21 this had fallen to 1,410.
Risk appraisals and risk awareness are not simply confined to physical risks. IT failure, damage to reputation, process risk and external risks all play their part in the risk matrix of an organisation. This broader definition of risk was clearly demonstrated in the latest FTSE 350 Boardroom Bellwether report, released in July 2022. Sponsored jointly by the Financial Times and The Chartered Governance Institute UK & Ireland, the six monthly report tracks changes in approach and concerns inside British boardrooms.
One of the key findings of the latest report was that 79% of respondents felt that their company’s exposure to risk was increasing. The top three risk factors giving particular cause for concern were cited as global economic risk, geopolitical risk, and cyber risk. Climate change, previously in the top three, also came in for a mention.
The rise in risk exposure is perhaps not surprising given the rise in fuel prices and the impact of the war in Ukraine. In fact, looking specifically at Ukraine, the top concerns revolve around ensuring compliance with sanctions, reviewing business relationships, and the welfare of employees affected by the war. This highlights an important message; risk is not simply the concern of the boardroom, it potentially affects every individual within the organisation.
With that in mind, what can companies do to take risk awareness out into the wider sphere?
- Share concerns. Risk may be a perennial board discussion point but it should not stop at the boardroom door. The more that potential areas of concern are openly discussed within the organisation, the more that employees can contribute to mitigation.
- Encourage risk awareness. Risk should not be confined to those areas which are at the top of the boardroom agenda. Creating a culture in which everyone is risk aware could help to identify potential risk areas before they become a problem.
- Risk is not a tick box exercise. As with health and safety, it can be all too easy to slip into a tick box mindset when it comes to risk. Issuing leaflets, putting up notices or expecting people to complete a questionnaire on an annual basis won’t create engagement. Boards need to find a new approach which will resonate with their people and take risk into the mainstream.