more-arw search

Q&A Forum

Would you have a different answer to your organization's top 5 risks if you were asked formally by the Board as opposed to informally by your CEO?

Very curious about the psychology of risk management. Would we name a different set of risks if our name is associated it with it in writing as opposed to a verbal exchange between colleagues? How does that impact the effectiveness of risk management in an organization?


Topic Expert
Regis Quirin
Title: Director of Finance
Company: Gibney Anthony & Flaherty LLP
LinkedIn Profile
(Director of Finance, Gibney Anthony & Flaherty LLP) |

A request from the Board would be answered with the top 5 Risks to the company. While a request by the CEO would be answered with the top 5 Risks for every department. The CEO list would be a subset of issues that are covered in the Board list. The reason for the difference relates to their area of responsibility. It is not uncommon for a company to establish company focused risk improvement targets as part of the bonus equation. These risks are valid at the company level, but do not have the same meaning for every department.

Topic Expert
Barrett Peterson
Title: Senior Manager, Actg Stnds & Analysis
Company: TTX
(Senior Manager, Actg Stnds & Analysis, TTX) |

No...the top five risks to the company are the top 5 regardless of forum or degree of formality.

(Agent, JKS Solutions, Inc.) |

Accountants spend a lot of time thinking about risk management but it is rare that finance can implement action around risk management. Risk management is often something that is seen as administrative so it gets put off unless there is a regulation or law that requires it. Even the threat of lost data is not enough to establish a risk plan.

One of the risks is actually not planning to reduce risks and threats.

Preaching preparation tends to have the same effect as nagging.

(Agent, JKS Solutions, Inc.) |


I agree with Barrett. Frankly, if there are different answers for those two audiences, you have discovered another risk!

As the owner of my company's global risk assessment process (not the owner of risk mitigation... a very different responsibility/task), I view the integrity-through-transparency rule leads to the healthiest and most productive discussion between company leaders and their board members to solve for the biggest risks.

Happy to share insights on risk assessment and management if you like.



Get Free Membership

By signing up, you will receive emails from Proformative regarding Proformative programs, events, community news and activity. You can withdraw your consent at any time. Contact Us.

Business Exchange

Browse the Business Exchange to find information, resources and peer reviews to help you select the right solution for your business.

Learn more

Contribute to Community

If you’re interested in learning more about contributing to your Proformative community, we have many ways for you to get involved. Please email [email protected] to learn more about becoming a speaker or contributing to the blogs/Q&A Forum.