‘Tools of the Trade’: Hints and Tips for Working in Risk Management

Skye McGregor

Skye McGregor

What’s it really like to work in the field of risk management? In conjunction with the Institute of Risk Management, Risk Xtra continues its new series of articles running under the banner ‘Tools of the Trade’ in which we ask practising professionals to offer their handy hints and tips on the matter for those looking to make the move into the industry. In this third instalment, Skye McGregor IRMCert (Risk Manager in charge of People Risk, Financial Crime, Pricing and Underwriting at Co-op Insurance) answers our questions.

Risk Xtra: How did you move into your current role?

Skye McGregor: Without going into detail about my failed attempt at education the first time around, I decided to study philosophy and logic at the University of Manchester as a mature student. Simply put, there are two schools of philosophy: continental (think Camus, Satre) and analytical (think Russell, Wittgenstein). Due to its history, analytical philosophy and Manchester are synonymous.

Studying subjects such as metaphysics, normative ethics, epistemology, symbolic and quantificational logic, philosophy of science and critical thinking, etc allowed me to alter the way in which I thought about and interacted with the world and develop the transferable skills necessary to succeed in areas of business such as project and risk management. When deconstructed, both disciplines focus on what we know exists, what we know might change, where we want to get to and then numerous unknowns.

It was the combination of the knowns and unknowns that I really enjoyed.

Halfway through my MSc I was offered one job in the project space, then soon after I was offered another in risk. I decided to take it and agreed with my exec that, as part of accepting the role, I could study with the Institute of Risk Management (IRM) for the International Certificate in Enterprise Risk Management.

Risk Xtra: What’s a typical day like in your role as a risk manager?

Skye McGregor: My role is incredibly varied as I’m the first line risk manager for people risk, pricing and underwriting and financial crime. The diversity of technical areas and non-technical areas makes the general duties and responsibilities such as RCSA, risk events, risk acceptances and reporting, etc very interesting.

On the people risk side, I’m heavily involved in the Senior Insurance Managers Regime (soon to be the SM&CR) and manage an intragroup contract.

A typical day could be anything from reviewing risk policies, liaising with the Audit Department, attending fraud strategy meetings or working on ad hoc issues such as the Genertal Data Protection Regulation and Brexit.

Risk Xtra: What do you enjoy most about your role?

Skye McGregor: I think a lot of people in the business environment view risk professionals, whether they’re involved w’th the first, second or third line, as the ‘fun police’. In short, those who are there to tick boxes and create bureaucracy. What I really enjoy about my role is two-fold. First, helping to change people’s perceptions of risk and especially how it can create value for their function. I like to think that the majority of my work is stakeholder engagement/management (asking the right people the right questions – in the right way – at the right time). If you can create buy-in and demonstrate value it really helps embed the IRM’s principles of risk management.

Second, understanding how and why things flow the way in which they do makes things incredibly interesting from a business and commercial perspective and obviously this is constantly changing (regulation and tech, for example). It’s good for development to be in an environment which is always changing and where you have to re-evaluate the risk framework on an ongoing basis.

Risk Xtra: What are the main challenges involved?

Skye McGregor: Being risk-proactive in times of change instead of becoming caught in the trap of being reactive to risk issues. Also, continuously demonstrating value as a risk manager is more challenging, I think, than business partners, project managers and change teams who regularly achieve deliverables that are not typically BAU and therefore tend to draw more focus.

Risk Xtra: In what way are your IRM qualifications relevant?

Skye McGregor: The IRM’s Certificate in Enterprise Risk Management is structured in a way that allows the student to progress their understanding of risk from the absolute foundations. However experienced one is in the field of risk, I think it’s necessary to take things back to basics and question the fundamentals.

Studying alongside work afforded me the opportunity of relating everything that I was currently studying to the work that I was doing. The course really gave me an objective view of risk and helped inform how and why I was doing what I was doing, which then created additional value in that I was able to use this understanding to create the necessary buy-in to facilitate change.

Risk Xtra: What would you say to others thinking about joining the IRM as a member?

Skye McGregor: I think Continuing Professional Development (CPD) is extremely important, both for the individual and for the business. It’s not conducive to success for one’s beliefs, ideas, concepts and ways of working to become stagnant in any form. The IRM provides an opportunity for practitioners to stay current with expert advice and guidance which spans both niche subjects and trends that affect the industry on a global scale.

Risk Xtra: How has your role developed and what are your career ambitions? Has being linked to the IRM assisted you in any way?

Skye McGregor: From studying the IRM course I’ve become a lot more confident in the advice and guidance I provide to colleagues as I know that I’ve achieved an industry benchmark in terms of professional qualifications. For the time being I want to stay in risk, so I’m considering the Diploma in ERM and a move into a role with a focus on the implementation of risk frameworks. After that, I’m thinking of an MBA and then: ‘Who knows?’

Top Tips

I’m not sure I’m experienced enough to be giving advice, but what I can say is this:

(1) The IRM course improved my credibility within the business and has given me the potential opportunity of moving forward into various other roles much quicker than I otherwise would have – so this comes highly recommended as does any other CPD study.

(2) I sought out a mentor in the business. This has really helped improve the non-technical aspects of my career (eg setting personal objectives and ways of working and evaluating work/life balance, etc). It’s an excellent way to learn from the vast experiences of those who’ve done it all before.

(3) Build a network. Whether it’s involving permanent employees or contractors, in your function or in a completely different part of the business, build lasting relationships so that you have business contacts and SMEs to engage with and learn from about the wider business environment, external changes, risks and market opportunities.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts