By Aaron Brown

Risk managers can’t predict or prevent disaster. They can, however, reasonably aspire to be able to say, ‘we all knew the risks’, when something bad happens, and have everyone nod in sad but sober agreement. In happier times, the risk manager hopes that celebrants will point to the calculated risk-taking – and the failures – that made success possible, instead of treating the win like an unexpected gift due to dumb luck and recklessness. The discipline of relating both failure and success to prior risk decisions helps an organisation evolve in favourable ways.

If you want people to accept that good and bad outcomes result from calculated decisions agreed to by all stakeholders, you must communicate risk clearly before the outcome is known. Your judgments about the risk don’t necessarily need to be correct, but you must give the same picture to all stakeholders.

This necessity is enforced through a core risk management principle knows as the use test: any risk or exposure information communicated externally must be relevant to internal risk management decisions. Sometimes a stakeholder insists on information that the risk manager doesn’t use. The risk manager discourages that. If the stakeholder has a right to the information and continues to insist, the risk manager can supply it with a clear disclaimer that the information is being provided at the stakeholder’s request only and is not monitored by the risk manager.

Risk communication should be two way. In addition to communicating a single picture of risk to all stakeholders, the risk manager should listen to the risk perspectives of each of those stakeholders.

Risk decisions are hard, and getting things right 51 per cent of the time is a fine average. But risk communication is something you can try to get right every time.