Managing risk and responsibility

Risk is inherent in every aspect of business – Bernard Matthews had to face the consequences of an outbreak of bird flu across his turkey farming empire, while Cadbury’s has dealt with cases of salmonella in its production line.

Everything from the need to recall a faulty product or employee fraud, to breaches of corporate governance, health and safety regulation or employment law, attract adverse attention and all of these incidents can have significant consequences for a business in loss of income, the payment of fines, a drop in share value, loss of reputation, or even prison for the directors.

Where are the risks?

The range of risks a company now has to consider has increased significantly. The list of risks for which directors and company officers, in particular, are ultimately responsible just gets longer – the imminent introduction of the Corporate Manslaughter Bill is a case in point.

Consequently, organisations face a myriad of perils, many of which can have a negative impact directly on their income and profitability, or at worst close them down and cause immense distress to staff and investors alike. That means that the management of risk at all levels is becoming a major concern for everyone involved in an organisation, whether they are directors, employees, customers or shareholders.

And it isn’t just a question of simply ticking boxes to show that procedures and processes exist on paper a company needs to take risk management seriously – and be seen to do so. The HR function has a role to play at the forefront of risk reduction, policy development and communication in the business.

Different approaches

The traditional way of mitigating risk has been to introduce internal audit and compliance procedures, and to consider how to insure or underwrite insurable risks while limiting, as far as possible, the likelihood of someone making a claim. This concentrates responsibility firmly at the top of an organisation, while diluting real responsibility and disempowering the people working at lower levels in the organisation. It can also divert the focus of those who should be concentrating on driving the strategy of the business into the detail of operational management and company administration.

A more effective approach is to cascade responsibility down through an organisation, something known as ‘functional self-responsibility’. This empowers and energises management and staff alike, creating absolute clarity about how the business as a whole operates.

If each person is clear about how their role drives benefit for the business and is motivated to treat their role as if they ‘owned the business’ then, by extension, they will feel like they can take full responsibility for the functions they deliver.

To really mitigate risk, every person in the business needs to buy into this culture from top to bottom, and understand how their role plays an essential and integral part in delivering growth in the company and how the consequences of their actions can directly affect the company negatively as well as positively.

Building a framework

To successfully diminish risk, it is essential to address the functional structure of your organisation. This means looking at the fundamental issues about how a business runs profitably, assessing who does what and ensuring they are appropriately skilled or experienced for the job.

By doing this, you will get the most appropriate people in a business undertaking activities for which they have the skills, improving skills where needed, and empowering staff to understand the responsibilities attached to each role.

As each person within an organisation takes on the culture of self-responsibility and understands not only their own role but how it integrates within the larger organisation, they will be able to identify risks at an individual level. Staff no longer view risks as just a responsibility of the organisation, their manager or of their manager’s boss.

The will and commitment to make this happen needs to come from the top layer of management, but HR’s role is pivotal in ensuring this framework of functionality is driven throughout the business, so work closely with senior executives and compliance and legal departments.

Business benefits

You create an environment where everyone is more engaged, as they fully understand the remit and responsibilities of their job through taking on individual responsibility.

Reduced claims result in reduced insurance premiums.

The board can demonstrate to stakeholders that it has a transparent operating structure, functioning in the most efficient and effective way.


Risky business


There have been a number of high-profile cases where organisations have had to put risk management procedures swiftly into place, Here are just a few examples of organisations that have been in sticky situations:



Working out the risk


Coaching firm Shirlaws divides the functions required in a successful, and low-risk, business into three groups, and colour codes these activities as red, blue or black. This enables a company to demonstrate where the business is spending most of its time.



  • ‘Red’ activities are all the essential cost functions, including HR, legal, compliance, admin and IT, without which the business would cease to function effectively.
  • ‘Blue’ activities include all revenue-generating functions and are customer related, such as sales, marketing, production and customer service.
  • ‘Black’ covers all the strategy and management activities related to business growth and long-term planning, including such areas as joint ventures, mergers and acquisitions, and the positioning of the business in the market.

In a functionally balanced business, each individual is engaged in a clearly defined role for which they are skilled and for which they take responsibility. You should start this exercise at the most senior level, where too often directors are engaged in red and blue activities when they should be engaged with strategic black activities. Repeat the process through all the levels of the business to ensure the most appropriate executives focus on the appropriate activities, increasing productivity and mitigating risk.

Comments are closed.