Skip to Content, Skip to Navigation

Safeguard OSH Solutions - Thomson Reuters

Safeguard OSH Solutions - Thomson Reuters

Alert24 - Safeguard Update

Managing uncertainty

Managing uncertainty
Article Type:
Publication Date:

Management stability and accountability for decision making are key criteria for effective risk management, says an Australian expert.

Kevin Knight, founding member of the AS/NZS joint technical committee on risk management, told the annual conference of the Australian Institute of Occupational Hygienists that people managed personal risks on a daily basis but few organisations did so systematically.

He described risk management as about maximising opportunities while managing the threats and addressing the uncertainties. "So ultimately it is about decision making and managing the outcome."

He stressed that in the interests of safety, board and senior management needed to take risk management seriously, and not just leave it to the "poor old safety manager". It was the line manager who should be held firmly accountable, he said.

Knight liked a definition where corporate governance was described as the glue that held an organisation together to pursue its objectives, while risk management provided the resiliency.

He said organisational decision making involved implicit consideration of the risk management process, which was a core process. "Don't wait for something to happen before asking for a risk assessment."

Managing risk was not about compliance, but understanding the work environment and managing uncertainty, Knight said. "It has to be built into the decision making mechanisms of the organisation."

Systematic risk management within an organisation was crucial so everyone spoke the same language. Risk management also had to be forward thinking, which could be tricky given the often frequent turnover in chief executives and senior managers in the private sector.

"Organisations must have stability at board and senior executive level to introduce effective cultural change, and bring that into the management structure of the organisation."

Risk assessments should be something generated by management, who needed to ensure time and resources were available to carry them out. "If they do not have the skills within the company then they need to bring in experts."

Risk management required clear accountability, responsibility and authority. "That's vital if you are going to have a comprehensive risk regime."

Knight said comprehensive and fully defined accountability was required alongside risk control, so managers understood the problems and the risks. It was critical to differentiate between accountability (those who make the decisions and pay the price if they get it wrong), and responsibility (those who carry out the instructions).

The real challenge for risk management practitioners was to persuade senior management and boards of directors to seriously address the objectives and for those managers to ensure the organisation had the skills and resources to achieve them. "There is a tendency to shoot the messenger and not face difficult decisions."

Risk management should add value and contribute to the achievements of the organisation. It should be based on the best available information including the good, the bad and the ugly - but there was no point in just having collections of data. "You have to have systems to pull it together in a meaningful way, so decision makers can access corporate knowledge ... and people need to break out of their silos and consult other parts of the business."

People Mentioned:
Kevin Knight
Reference No:

From Alert24 - Safeguard Update

Table of Contents