Why do most CEOs or other senior business executives cringe at the thought of having to meet with risk management professionals? By their very nature, CEOs are hard wired to seek out growth opportunities that will add value to their companies. However, risk management professionals are hard wired to find ways to minimize losses that will erode value. The goals are polar opposite to one another.
So, how can you get your CEO to embrace your risk management program? You must change the way you communicate about risk. For most risk management professionals, the focus of the conversation with their CEO is on the likelihood and impact of risks that a company faces. This is typically depicted by using a risk heat map such as the one below.
The problem with this exercise is that it is born out of an insurance mentality of minimizing or eliminating losses by reducing or avoiding high risk business activities. This is counter-intuitive for the CEO. CEOs are the ultimate risk takers in your company and rightfully so. However, what separates the successful CEOs from the unsuccessful CEOs is the ability to take the right risks. So, you must re-frame the conversation about risk from “high risks vs. low risks” to “good risks vs. bad risks”. Some of the very same “high risks” may actually be “good risks” when fully evaluated against the value created and the company’s understanding or appetite for taking the risk. A different way to view the risks is depicted below.
Many of these “good risks” lie at the heart of innovation that have driven companies like Apple, Google and others to break from the pack to dominate their market. Gartner’s research and advice can help you make this simple shift in your risk-related communications with the CEO and others in your company. To learn more, view my latest research by clicking here or attend one of our upcoming Security & Risk Management Summits around the globe.