It can be difficult to get – and maintain – the attention of the board when it comes to risk; sending them multiple pages full of text is unlikely to engage them in a meaningful way when they’re already juggling other priorities.
So, how do risk leaders catch the eye of their senior leadership team and communicate information about risk more effectively? Representing risk data visually could be the answer.
While the use of heatmaps is common, and often favoured by organisations as a means of presenting their most relevant threats and opportunities, visual reporting comes in other forms and can be applied to aspects of risk management beyond identification.
For example, some risk professionals are using visuals to demonstrate the spectrum of risk appetite across their board and management team, indicating any discrepancy between the two whilst highlighting the risks there is a greater appetite for. Others are incorporating control ratings into the reports they provide senior leaders – with several members admitting that controls are what management care about most.
In order to match their bespoke needs, and to present the information that matters most to their business, other risk leaders are using external software to develop their own tailored graphics.
Similarly, members of Risk Leadership Network are using the suite of tools available to them – such as the Risk Reporting Comparison Tool – to help visualise and validate their approach to external reporting.
During member meetings, and through the interaction offered by network assistance opportunities, our members have been sharing their different approaches to visual risk reporting, which we have captured and outlined in the latest article published on our Intelligence platform.
As well as presenting the graphics they use as part of their risk reports, members have discussed some of the key lessons they have learned while reporting to their board – here are just three of them:
1) Look beyond your business
When reporting to the board, it is easy to focus too much on the risks your organisation is already comfortable with, but a person external to the company could probably work these out themselves based on the industry context.
So, where can the value in risk reporting be found? While risk teams still need to manage the threats they’re already aware of, it is the unknown threats – or “black swans” – which need to be identified and communicated to the board.
In order to capture these in their reports, risk managers are looking beyond the limited scope of their company’s own risk universe and considering external risks – e.g., geopolitical tensions which could have unique impacts – that will affect the business if they materialise.
2) Know what engages your audience
It is an uncomfortable truth, but one that should be acknowledged: senior leaders do not usually like having conversations about risk.
As well as interfering with their goals and outlook for the business, managers often view the practice of risk management as a burdensome administrative task, as opposed to something more valuable.
However, a management team will be interested in how to achieve the objectives of the business: this is what risk managers can latch their reporting onto in order to get themselves a seat at the table.
Risk managers also need to consider the perspective of their board when thinking about the visuals they want to present and should communicate with them first to ascertain what kind of graphical representation they find most useful.
3) Integrate risk reporting and strategy
In the context of business objectives, the reporting of risk should be fed into a company’s strategic planning process, as this is how a company can prepare itself most effectively for new developments in the future.
This means that in addition to visually reporting principal risks to the organisation, risk teams should leverage other graphic tools – like a Risk Radar (see graphic here) – to link their risk taxonomy to the value chain of the business: this will help determine which threats and opportunities need to be addressed most urgently.
For access to the full paper and the template visuals that members have shared within the network, plus our better practice guidance on risk reporting and strategy – which includes detailed content on the key ingredients of internal and external risk reporting – become a Risk Leadership Network member. Learn more about membership here.