With advances in technology, risk and risk management should be major issues for boards. Unlike many other board issues, the topic of risk management requires expertise on some level. In most cases, boards will need to form a risk management committee to properly address the risks that the organization is facing, as is usual for issues where there are no obvious, immediate or inexpensive solutions. Risk committees will strengthen and support a strong and effective risk management program. A risk committee agenda template will get your committee off to a solid start.
Avoiding Pitfalls for Risk Management Committees
It’s easy enough for any committee to unintentionally develop pitfalls that decrease the efficiency or effectiveness of a board committee. It’s helpful to know what those pitfalls are and to take steps to avoid them up front.
First, it’s important for boards and committees to set realistic goals for the risk management committee. Rarely is it possible to take advantage of opportunities without assuming some degree of risk. It’s important for the committee to have some idea about the nature and degree of risk they’re willing to incur and to have a consensus on that.
Because the issue of risk management is a high priority, one of the mistakes that some boards make is to form a risk management committee just to say that they have one, and the committee does little or nothing of value. In that case, it’s better not to have a risk management committee at all and to take some practical steps toward risk management than to have a poorly functioning risk management committee. It’s possible to take steps like enforcing risk policies and tackling a risk management plan even if your organization doesn’t have a risk management committee.
Boards should consider what the risk management committee’s vision should be. Obviously, they should learn from their mistakes and prior losses, but there’s much more that they can do. When brainstorming about the vision for risk management, committees should spend the bulk of their time thinking about risk-taking and risk management as they relate to the future and planning for the organization.
Just as diversity is important for board composition, it’s also important for risk management committees. When boards get started planning a risk management committee, they’re often surprised at how many people are interested in serving in that capacity. Try to think outside the box on this and invite participants beyond the board and management. Employees and volunteers may be eager to serve on this type of committee and they will help to diversify the group.
Gearing Risk Management Committees Toward Success
Risk management committees will get off on the right foot when they have a strong and capable leader. The risk management charter should outline who will serve on the committee. The charter should also clearly state the committee’s purpose, goals and authority.
The statement of overarching purpose should provide oversight across the organization for all categories of risk so that the board has the proper practices and protocols in place to identify, understand and manage risks. The statement of purpose may also refer to boards and committees sharing the responsibility for risk management.
The charter should state how frequently the committee will hold meetings. The committee may meet quarterly, every other month or on some other schedule. The charter should state the day of the month and the time of risk management meetings. Committee meetings usually last for one to two hours.
The charter should also outline the specific goals and responsibilities for the committee. As far as the committee’s composition, the charter will list who can chair the committee and be considered as members and how long their terms of service will be.
The board will decide how much authority the committee will have, if any. The board may decide that the only authority the committee will have is to make recommendations to the board, or they may authorize the committee to adopt new internal policies related to risk management.
Risk Committee Agenda Template
A risk committee agenda template is similar to agendas for other types of committee meetings.
The header for the agenda should contain the meeting date, start time, end time, location, purpose, list of participants and list of guests. The rest of the agenda will resemble the following outline:
I. Welcome and Introductions
III. Call the meeting to order
IV. Standing Items
- List the title, short description, person leading, time allotted, list of reference documents. (Examples of standing items include reviewing the agenda, approving prior minutes, etc.)
V. Unfinished Business
VI. New Business
VII. Ending Items (announcements, meeting summary, review of actions, date of next meeting, etc.)
A risk management committee should include risk management lessons and insights. This may include discussions on past or current problems. It may also include a discussion about recent issues on risk management that have been brought to light in the media or risk topics that have affected similar industries and how they handled them.
Risk committees should understand that they’re not responsible for finding and mitigating every possible risk scenario that could disrupt the mission and strategic plan. Each committee member should set an individual goal to learn as much about risks and risk management as possible and to be as current as possible regarding the evolution of risks.
At some point, and in some way, the committee will need to share their results with the board. The usual course of action is for the committee chair to write up a report and share it with the board. During the course of discussions, the committee may decide to assign action items to one or more committee members to be completed before the next committee meeting.
The modern approach to risk management is for boards to avail themselves of board management software solutions such as those offered by BoardEffect. BoardEffect software automates tracking of action items for clear follow-up, which is helpful for risk committees. The software is also efficient for taking meeting minutes and documenting recommendations to the board. Perhaps most importantly, risk committees can use the platform to communicate and share files under the protection of a highly secure platform.
Risk management committees are a necessity for good governance. That’s all the more reason to take a modern approach to managing the committee by using a secure board management software system.