Communicating About Risk

Productive risk assessment requires clear, direct communication among CEO, CFO, CLO and other executives. But when each member of an executive team is focused on a different type of risk, such communication can be difficult. In order to put an effective risk management program in place, there must be a common language to discuss risks related to any issue, and to assess whether a particular risk is one the company should accept.

There are commonalities regardless of the type of risk being discussed: the likelihood of a risk occurring, the impact it might have, and a company’s tolerance for handling an event if it should arise.

All parties addressing the issue should learn to discuss those issues using the same language, so that different types of risks can be analyzed and compared. More important than the specifics of the language is that it be simple to understand and used consistently, so that a complex analysis of risk in one area can be discussed by team members whose expertise falls elsewhere.

Executives should devise a scale that equates different types of risk according to the impact of the potential consequences. An assessment of risk tolerance requires an analysis of the company’s stability in individual areas. The stability of a company’s reputation, for example, is likely unrelated to its ability to engage in a long-term legal battle.

A company’s financial stability is a major factor in risk assessment and requires additional consideration.