Earn a Seat at the Table: Making Sure Risk Management is Included in Strategic Decision Making

To achieve strategic success, risk management must move beyond compliance and play an active role in how enterprise objectives are established and pursued. This session at RIMS 2025 showed how enterprise risk management, operational assessments, analytics, and risk visualization can help leadership teams align priorities, consolidate critical data, and allocate resources more effectively – all while strengthening decision-making across the organization.

The session was presented by:

Andrew Tait
Managing Director, Integrated Risk Leader
Sigma7 Strategic Risk Solutions

From a strategic perspective, risk planning is inherently connected to meeting the organization’s goals. To become the advisor, the risk manager needs to be invited in and given a seat at the table.

Risk is connected to everything in an organization. In order to make that evident to your decision makers, it is important to uncover to understand what is important to the executive team, and in turn, what keeps them up at night. Once you understand these factors, you can start identifying issues that need to be addressed through risk decision making.

Determine Your Risk Profile
Thinking in advance is how we make better decisions. The risk manager can guide the company through this process by asking the right questions internally to help top management make the right decisions. This can be approached in several ways:

• Uncover the many resources at your disposal, which includes analytics, to help to create a model and make future decisions.
• Get past the “paper exercise” with ERM programs that include a risk list that gets sent to executive management or the board. Identifying risks on a list is a step, but it is not a full risk management program. It is a reactive approach that only addresses problems after they occur.
• Include stakeholders of all levels of the organization as part of your risk control program design. This could include using input from engineers after they evaluate your work sites.
• Perform supply chain deep dives to map information at a detailed level. Evaluate suppliers and determine what could happen if you lose them.
• Manage key internal risk partnerships. Know the business, talk to people like facilities and the supply chain team to determine what you can do to help make their life easier in the long run. This makes everyone happy and your program more efficient.
• Ask questions to solve problems, learn, then provide answers.

Design Your Risk Program
Once you have uncovered the risk profile, it is time to develop a plan that is both strategic and effective. The following ideas can help achieve that:

• Look at the big picture to make decisions based on the global value of risk. This includes planning at the site and business unit levels. Benchmark across regions and levels to understand strengths and weaknesses, interdependencies, and where to focus.
• Understand your return on risk investment. Support various departments in risk data collection and show the value of addressing these exposures.
• Make your plan comprehensive. Address practical objectives related to crisis management, business continuity, incident management, and disaster recovery. Build policies, processes, and playbooks in response. Also define the impact of losing mission critical assets, infrastructure, systems, and processes.
• Create a recipe for recovery that includes bespoke plans and guidelines that are specific to your organization and operations.
• Train stakeholders of all levels on your plan. Make learning easy through routine drills and training that are practical, yet engaging.

One you have completed your research and built a plan, use the information you gathered to approach risk financing through insurance programs. If you can understand your risk, model it, and determine what you think it is worth by layer (including the volatility in those layers), you have intelligence to help accurately determine factors like limits, captives structures, and multi-year options. Switching to a risk financing view helps you speak your CFO’s language to prove the cost of transferring risk and why it matters.