Boards and Risk Management – 4 Tips To Manage Risk (Without Stifling Innovation)

The Board’s role in risk management is fundamental – the buck stops in the boardroom!
In the current uncertain environment, risk management has become essential to strengthen resilience and create sustainable value.

From rapidly advancing technology, new business models, supply chain complexity and climate change – not to mention the evolving political environment, there are a lot of events that could destabilise or put many out of business. 

The pandemic has further pushed effective risk management up the agenda of many boards. Not only was it a major risk event in itself – it has accelerated the risks of cybersecurity attacks, supply chain disruption, geopolitical tension and other external threats.

The Institute of Directors New Zealand published an article citing the top 5 issues for directors in 2023. Number 1 (as to be expected) climate change transformation followed by shared value, financial resilience, digital reality and board agility.  

It is essential that Boards think deeply and often about risks and potential outcomes. Increasingly frequently we are seeing scandals, fraud and cyber attacks, seriously tarnishing businesses’ reputations and breaking the trust of stakeholders. 

We’ve put together 4 tips for boards to help manage the minefield of risks (without stifling innovation).

4 Tips for Boards to Manage Risk

1. Build a comprehensive risk management plan

The initial step is to evaluate how well you are currently managing risks. Following this identify and weigh the probability and costs of potential risks for the risk register. It can be beneficial to hire a risk consultant to ensure you don’t miss anything vital and give an outside perspective.

Ensure serious risks are addressed with the right policies and procedures in place to prevent these risk events from occurring.

A comprehensive risk management plan and planning for risks empower your business to be prepared and ready to respond quickly if required.

Top tip: Take a data and technology-driven approach.

2. Ensure responsibilities and roles are clear

While you may have a project manager for your comprehensive risk management plan – it is essential to operate with transparency and visibility. It should be clear that everyone understands their role and responsibilities around mitigating risk.

The best practice for risk management is to maintain a risk register and assign each risk to a specific board committee e.g., the Audit Committee should own and manage financial risks.

The roles and responsibilities of different board committees should be periodically reviewed to verify that the board’s oversight is both coordinated and comprehensive.

3. Involve Stakeholders

To effectively plan for risk, it is critical to consult both team members and contractors involved as well as experts and senior managers who may have valuable risk management insights.

Stakeholders should participate in decision-making at every stage of the risk management process. Stakeholder input is essential to identify and gain an understanding of potential risks you may not have previously identified.

4. Always strive to improve

Frequently review your comprehensive risk management plan and processes to access if there is room to improve. Ensure policies and procedures implemented to mitigate risk are working as they were intended.

Always strive to adapt and stay on top of risk as things change very quickly (as many people learned with the pandemic). From the top down, build a culture of risk awareness.

Top tip: make sure risk management stays on the agenda for your board meetings.



While there are strategic advantages to taking risks – it is important to strike a balance between adding value and innovation while mitigating potential risks.
Boards need to think deeply and often about risk to strengthen resilience and create sustainable value.

Board management software is a great way to manage cyber security risks. StellarBoard has features such as end-to-end encryption, restriction of access control and two-factor authentication to keep your private documents secure.

Take a look at the different features our board management software has here:

Previous Post
Enhancing Corporate Governance: The Role of Board Governance Software in Mitigating Risk
Next Post
Fortifying Your Board Data: Cyber Security Strategies for Boards