Risk Language Needs to be Learned – By the Risk Officer
Language is not imposed. Language develops from usage. The first step in developing a common risk language WITHIN a firm is to understand the risk language that already exists. The goal is to figure out what concepts are spoken of in different words in different parts of the firm. And which risk management concepts are not already in use.
If you listen instead of talking, you will usually learn that almost all risk management concepts are already in use somewhere in the firm and there is already language. When there is multiple terms in different areas, the solution is usually to teach both areas the terms that the other area uses. Soon, the organization accepts the terms as synonyms. (Languages have synonyms, you know).
Good luck to the risk officer who brings in a language and tells everyone which words to say. The risk officer needs to learn the risk language that is already in use and concentrate on elevating the significance of the practices that the existing language describes.
There are experts who say that it is important for everyone to speak the same language about risk and risk management. The private benefits are negligible. The collective benefits are slim. Absolutely everything else gets along just fine with each firm having their own private language.
Explore posts in the same categories: Enterprise Risk Management
Riskviews 
July 25, 2012 at 7:49 am
I agree with Riskviews comments but would add that companies that ignore external definitions send a negative message to outside providers of oversight like auditors, rating agencies and regulators that the firm is behind the curve when it comes to managing risk. You should know when your definitions vary within a firm as well as with external discussions, consciously making a decision to continue, change, or educate.
July 23, 2012 at 7:29 am
Excellent observation and point that the risk manager should facilitate the organization’s risk language not mandate it. However, I have to disagree on the idea that various units can operate under different risk definitions. That is a recipe for disaster when the organization has to pull together. Everyone has to be on the same page and using the same common language.