The Unsung Heroes of Risk Management

 

Picture it: A world-ending threat is looming, and you happen to be the chief of security to the president of the United States. There is a plan of escape—thank goodness—but you don’t know all the details. What you do know is you have to do your job: secure the president. But your sanity insists you ensure the safety of your family as well. This might sound a bit far-fetched, and… that’s because it is. It just so happens to be the premise of a new hit TV show I’m mildly obsessed with, starring the absurdly talented Sterling K. Brown. On the show, he mitigated this larger-than-life risk in a thrilling (and arguably frustrating) way. In a real-world, professional context, however, risk management (certainly risk management training) is slightly less entertaining but incredibly serious nonetheless. 

The threats that plague most organizations are typically not life-threatening, but that really depends on the industry. The consequences surrounding risk management can be catastrophic. Unmanaged risks can lead to dire losses of many kinds, most commonly financial. Good risk management ensures that both resources and investments are protected. It makes people feel safe and secure. It’s about being responsible and thoughtful with an organization’s most valuable assets.

As a leadership and development (L&D) professional, you are at the helm of risk management and mitigation. You are the primary enabler, the first line of defense. 

You are Sterling K. Brown. 

Yes, risk management is a shared responsibility across multiple roles and departments, including compliance officers like the chief risk officer (CRO), internal auditors, executive leadership, and human resources (HR), but L&D professionals are the very arms and legs of risk management. Proper, timely risk management training implemented by a capable L&D practitioner can mitigate risks related to compliance, technology, and human resources.

 

Types of Risk Management Training

L&D professionals can serve as proactive partners in risk mitigation by ensuring employees have the knowledge, skills, and awareness to preemptively stop risks before they become significant issues. Enterprise risk management training can solve the problem—on a broad scale—before it begins.

 

• Compliance and regulatory training ensures employees understand the laws, policies, and regulations that pertain to their industry, guided by organizations like GDPR, OSHA, and HIPAA. This type of training reduces legal liabilities through mandatory training in workplace safety, ethics, and data security.

• Cybersecurity awareness and data protection training teaches employees about phishing, secure password practices, and efficient incident reporting methods to help prevent data breaches caused by human error.

• Leadership and decision-making training develops mindful, ethical, strategic leaders who are aware of potential risks to enhance their crisis management skills.

• Workplace safety and emergency preparedness training facilitates safety in industries like manufacturing, healthcare, and logistics by providing drills and simulations for emergency responses to situations like fires and active shooters.

• Ethics and anti-fraud training educates employees on ethical decision-making, how to avoid conflicts of interest, and how to report fraud or misconduct. It supports whistleblower protections and reinforces positive company values.

• Change management and business continuity training helps employees adapt to organizational changes and reduce risks related to resistance, miscommunication, and operational disruptions.

• Diversity, equity, and inclusion (DEI) training reduces risks related to discrimination, harassment, and workplace culture issues. It enhances teamwork and collaboration by fostering an inclusive environment. While federal contractors are required to eliminate DEI-specific training programs under the current administration, private sector entities (without federal contracts) are welcome to continue these initiatives as long as they don’t contradict civil rights laws. 

The Imminent Danger of Poor Risk Management

The consequences can be dire when organizations aren’t adequately prepared for impending risks. Several industries are particularly vulnerable to the impacts of poor risk management and face the threat of significant financial, reputational, regulatory, and operational devastation when risk management goes wrong. 

 

Vulnerable industries: 

• Banking and financial services. Financial institutions manage large amounts of money, making them susceptible to fraud, cyber threats, and market volatility. Poor risk management can lead to bank failures, regulatory fines, and loss of customer trust.
• Healthcare and pharmaceuticals. Compliance with stringent regulations (e.g., HIPAA, FDA, EMA) is essential. Patient safety risks, data breaches, and drug development failures can have life-threatening consequences.
• Technology and cybersecurity. Rapid innovation leads to cybersecurity risks, data privacy concerns, and regulatory non-compliance. 
• Aerospace and aviation. Safety failures can result in catastrophic accidents, fatalities, and regulatory penalties. Supply chain risks and compliance with aviation safety regulations (e.g., FAA, EASA) are crucial.
• Energy and utilities. Environmental, safety, and regulatory risks are high due to hazardous operations and climate-related challenges. Poor risk management can lead to oil spills, explosions, and environmental lawsuits.
• Construction and infrastructure. Safety risks, supply chain disruptions, and regulatory compliance issues make risk management critical. Poor project management leads to cost overruns and structural failures.
• Manufacturing and supply chain. Dependence on global supply chains exposes firms to geopolitical, logistics, and quality control risks. Poor risk planning leads to recalls, production halts, and financial losses.
• Government and public sector. Cybersecurity threats, policy failures, and financial mismanagement impact national security and citizen trust. Poor risk management leads to economic downturns and infrastructure failures.
• Retail and e-commerce. Data security breaches, supply chain disruptions, and reputational risks can lead to financial losses. Consumer trust is essential, and poor risk management leads to brand damage.

The collapse of Silicon Valley Bank (SVB) is a cautionary tale worth telling. SVB was once the 16th-largest bank in the United States. In March 2023, however, it collapsed due to a combination of poor risk assessment and inadequate liquidity management. During a period of low interest rates, the bank invested heavily in long-term treasury bonds. As the Federal Reserve raised rates to combat inflation, the market value of the bonds declined, leading to substantial (unrealized) losses. At the same time, many of the bank’s clients withdrew deposits to meet their own liquidity needs. To raise capital, the bank sold assets at a loss, triggering a bank run that ultimately resulted in bankruptcy.

 

The Strategic Advantage of Effective Risk Management

Now that you have been sufficiently depressed by all the ways poor risk management can go wrong, we need to talk about the bright side: when effective risk management saves the day. Stories with happy endings are arguably more important to tell. Risk management training for employees can shift company culture and give companies the ability to anticipate—and circumvent—challenges and implement strategies to mitigate potential adverse effects.

The Norwalk Fire Department in Connecticut instituted a well-rounded risk reduction and wellness program focused on firefighter fitness, mobility training, nutrition, and mental wellness. Since its inception in 2019, the department has achieved a 27% annual reduction in workers’ compensation costs, decreasing claim severity from $919,000 to $255,000 over five years. This proactive approach enhanced firefighter safety and garnered the department a state-wide award for risk management.

 

The Bottom Line

Risk management training for employees isn’t just a good idea; it’s imperative. A strong L&D function enhances workforce safety and competence and prevents costly mistakes, breaches, and legal issues.

Risk management training using immersive tools like ELB Learning’s CenarioVR creates a safe space to fail without the cost of real-world mistakes. CenarioVR is a user-friendly virtual reality course creator that allows you to deliver customized, three-dimensional learning experiences with very little effort. In fact, ELB Learning has a suite of digital learning products that are perfect for risk-free enterprise risk management training.

Was this a thinly veiled ode to Sterling K. Brown shrouded in sound business advice? Perhaps, but that doesn’t negate the facts: L&D professionals are the unsung heroes of risk management. So, be a hero. Channel your inner Sterling and implement risk management training for your organization.

To learn more about how to develop risk management training for your organization, click here.  

 

 

Frequently Asked Questions (FAQ):

1. What is risk management? The process of identifying, assessing, and mitigating potential risks that could negatively impact an organization, project, or individual. It involves analyzing uncertainties, developing strategies to minimize their effects, and implementing controls to prevent or reduce harm.

2. What is risk management training? A structured program designed to educate individuals and organizations on how to identify, assess, mitigate, and respond to risks effectively. It equips employees, managers, and executives with the skills and knowledge needed to minimize potential threats and ensure business continuity.

3. How do L&D professionals facilitate risk management training? They first have to understand the business and its risks, then use that information to translate complex risk concepts into practical, engaging training programs that drive awareness and proactive behavior. They also track participation, measure effectiveness, and ensure compliance. 

4. How can L&D professionals support risk management/mitigation? L&D professionals play a critical role in strengthening an organization’s risk management strategy by ensuring employees have the knowledge, skills, and behaviors needed to identify, assess, and respond to risks effectively. By embedding risk awareness into training programs, they help organizations prevent crises, ensure compliance, and create a culture of accountability.