11/14/22, 10:54 AM Top 12 risk management skills and why you need them

Risk management is a must for anyone who aspires to be a leader or manager. There is risk to be addressed at
all business levels, and if a leader is unable to manage risk, their upward mobility will disappear.

The best risk managers are often unknown, because they mitigate or prevent the risk. People often only notice
when things go wrong, not when things go right. A business could have 364 days of trouble-free operation. But
the one day a server crashes, there's a data breach or a laptop is stolen -- all eyes are on you.

Being a capable risk manager requires awareness and knowledge to uncover potential risks and present them
to people best suited to solve the problem. A risk manager doesn't necessarily have to make the fix -- they just
need to bring it to the person who can.

What is risk management?

Risk management means being informed and mindful of potential risks and what could go wrong -- the expected
and the unexpected. Risk managers are aware of all forms of risk to their area of responsibility -- and beyond, if
possible. They know how those risks would affect the business and what steps to take, or what contingency
plans should be in place to avoid the problem.

THIS ARTICLE IS PART OF

What is risk management and why is it important?

Which also includes:

governance, risk management and compliance (GRC)

risk avoidance

risk map (risk heat map)

Is risk management a soft skill?

https://www.techtarget.com/searchcio/feature/Top-12-risk-management-skills-and-why-you-need-them 1/4
11/14/22, 10:54 AM Top 12 risk management skills and why you need them

Risk management is a very complex and comprehensive skill. It is not a soft skill. There are many types of risk,
including compliance, security, operational and financial. Compliance is a key factor, because there can be few
greater risks than falling afoul of government regulatory agencies. They can do far more damage than a hacker
or out-of-date software.

Risk managers need to constantly study, learn, adapt and implement new regulations as they come -- and they
keep coming. Proactivity is the hallmark of risk management. A reactive approach means addressing the
problem after it becomes a problem. Risk managers need to stay ahead of the curve.

Risk managers need a number of skills to be successful. Here are some of those skills.

How do you become a good risk manager?

Good risk managers need several skills. Here are some of those skills.

1. Analytical skills
Risk managers need analytical skills to collect data and make important decisions using that data. They also
need to spot holes and weaknesses that others may have missed in the systems, infrastructure and other areas.

2. Problem-solving skills
Risk managers also need to be able to solve problems. While some risks may require passing the news on to
someone above their pay grade, some will fall to the manager to solve. So they need to like getting their hands
dirty.

3. People management and leadership skills

All the problem-solving skills in the world are useless if managers can't rouse the troops. Risk managers need
good people and leadership skills to inspire and lead staff. Risk management may require upsetting the apple
cart, and managers need the respect of their team through challenges.

4. Relationship-building skills
This goes hand in hand with the previous skill. Risk managers need to be able to build relationships -- and not
just with their immediate subordinates. They should be able to build relationships with other departments and

https://www.techtarget.com/searchcio/feature/Top-12-risk-management-skills-and-why-you-need-them 2/4
11/14/22, 10:54 AM Top 12 risk management skills and why you need them

superiors.

5. Financial knowledge
Risk managers need to know the average cost of network outages and security breaches. Financial risk is what
will get everyone's attention. Managers need to know the costs in lost productivity, lost income and financial
penalties -- the latter of which can be crippling.

6. Regulation knowledge
If there is one thing the government does well it is regulate. Regulation is constant and changing. Risk
managers must invest their time to stay up to date on all changes and understand those updates.

7. Business understanding
To identify and estimate risks to a company, risk managers need to understand how the entire business works.
They can't say finance doesn't matter because they are in IT, or vice versa. Business understanding is a must --
especially if the risk manager has aspirations for the C-suite.

8. Ability to quantify risks

After assembling a list of potential risks, risk managers need to be able to rank, on a scale of their choosing, the
likelihood and severity of each risk. They should have a complete list that notes the most to least likely risk, and
the most severe to least severe risk. This will determine the risk manager's focus.

9. Ability to choose mitigation strategy

There are four main types of mitigation action or strategy, according to the site Skills You Need:

Acceptance. This means accepting the risk and taking no action to mitigate it. This is for risks that will only
have a small effect or are unlikely to happen.
Avoidance. This means making every effort to avoid the risk. This is for catastrophic risks that are almost
certain to happen.
Limitation. This is the most common mitigation strategy, which aims to limit either the likelihood or the effect
of the risk.
Transference. This is the transfer of risk to someone else who is prepared to accept it. This is used in areas
outside of a risk manager's core competency.

10. Strategic thinking

No sports team ever wins by only playing defense -- and that applies here, too. If a risk manager looks at how
things affect the business as a whole, they might come up with a better way to operate. Their job is to see the
big picture, and they might see something others miss.

11. Adaptability
Risk management requires constant education and keeping up with the news. Ten years ago, no one heard
of ransomware. Now it's one of the greatest threats that companies face. News sites and industry journals
should be regular reading material.

12. Mathematics

https://www.techtarget.com/searchcio/feature/Top-12-risk-management-skills-and-why-you-need-them 3/4
11/14/22, 10:54 AM Top 12 risk management skills and why you need them

Risk management involves a lot of numbers and analysis. This requires comfort with numbers and calculations.
There are many analytical tools available -- including Microsoft Excel -- that can help with cost estimates.

Create a culture of psychological safety

People often throw around the phrase, "Don't shoot the messenger." But all too often, management does shoot
the messenger. This creates a climate where people are afraid to speak up.

After the Boeing 737 MAX airliners were grounded due to two fatal crashes, it was revealed that engineers knew
the planes had defects but were afraid to go to management.

As a result, a new way of thinking emerged called psychological safety. Psychological safety is about creating a
climate where people are not afraid of being punished for making a mistake or being the bearer of bad news.
Psychological safety is meant to bring in a climate where people are not afraid to speak up -- especially when it
relates to severe risk.

https://www.techtarget.com/searchcio/feature/Top-12-risk-management-skills-and-why-you-need-them 4/4