I recently had one of the most cathartic conversations of my career. It was with a senior internal advisor who is now in audit but has held all kinds of roles in the organisation so he gets what support functions do, why they do it and, much to his chagrin, how they do it.

The organisation in question is doing something that many organisations do, changing from A to B after they changed from B to A say five years ago after changing five years before from A to B, you get the picture. In this case it is de-centralising support functions as opposed to the shared services approach. I know, I know, you are heading down the shared services route right? Yep, but in five years’ time you will most likely be turning it around again. However, that is not the purpose of this rant and will be saved for another day.

At any rate, the internal advisor was commenting on how the business was starting to realise that while their corporate overhead cost was coming down, someone still had to do the work. He said they were needing to face their own internal biases about support functions being time wasters and/or overly restrictive and really come to terms with their purpose. Then came the cathartic moment.

He said that he was talking to a division head who told him heads of risk were to be put in each division. He asked, “What for?” The answer was, “To provide information to the board on the risks in the business. Board reporting.”

OMG! There is no wonder that executives in the business don’t get it. They are being told it is all about someone else, the board in this case. No mention about helping them run a successful business, to help them manage the uncertainty we all face in this increasingly fast changing world.

The sooner all the heads of support functions understand that their objective should not be to implement their function and that it should be to support the business to be successful, the sooner everyone who works for them can stop being so frustrated, feeling unappreciated and downright avoided by the business. The sooner they can get on with providing advice that has real impact that helps achieve the success the business is seeking.


Votes: 0
E-mail me when people leave their comments –

Bryan is a management consultant operating since 2001, specialising in risk-based decision making and influencing decision makers, born from his more than twenty years of facilitating executive and board workshops.

Bryan’s experience as a risk practitioner includes the design and implementation of risk management programs for more than 150 organisations across the public, private and not-for-profit sectors.

Bryan is the author of Risky Business : How Successful Organisations Embrace Uncertainty; Persuasive Advising : How to Turn Red Tape into Blue Ribbon, and Team Think : Unlock the Power of the Collective Mind [to be published in 2022].

He is licenced by the RMIA as a Certified Chief Risk Officer (CCRO) and is the designer and facilitator of their flagship Enterprise Risk Course since 2019.

<a href="http://www.bryanwhitefield.com">www.bryanwhitefield.com</a>

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community


  • Robert - nice comments about attitude - here is a linkedin post I put out this week called Match Employees to Risk Appetite.

    If that link does not work, here is the another to try Match Employees to Risk Appetite

  • Thanks for everyone's comments.  Nice when a rant gets some more rants.

    Here in Australia, because of a push by the regulator of the finance sector (which was picked up by the large audit firms and run with, with cash falling out of their pockets because of the speed) for the Three Lines of Defence (3LoD) model, this notion of having  risk in the business running a defensive line has put the industry back years.  Frustrating, hence my rant.

  • Sounds like a box being ticked again Bryan.

    Thanks for the rant, reminds me why we need to keep the fire burning as people still don't get it!!

  • If the functional head doesn't understand the risk within their functionality well enough to discuss it with the board, how about re-evaluating the quality of that resource instead of adding another layer of costly information transmitters.

  • Risk is integral to every business function - the functional heads need to be trained to analyse risk in every decision they take. There is really no point to provide  specialized post of a risk manager in each department which would not only add to cost, but would also complicate decision making process. Risk Management as a separate function is needed

    only in specialize / technical areas such as foreign exchange and treasury - it is also required at organisational level to measure operational risks - but not 'a risk management' cell for each function, such as procurement or sales.    - C. chandrasekhar

  • True, but...  (Isn't that always the case?)

    Those divisional risk managers must have the proper attitude.

    The naïve view is to avoid risk.  But you propose s a far more proactive and constructive role.

    The true purpose of risk management is to take risk and GET PAID for it.

    Alas, those who find themselves in risk lack that entrepreneurial drive.

  • Often times the daily grind is something that is so far removed from where policies are implemented that when a solution is determined to be viable, it's not... It's simply dead on arrival..
This reply was deleted.

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!