A day in the life of: an Operational Risk Consultant
Tetiana Khamazina, IRMCert
Operational Risk Consultant
International Institute of Risk Management, Kiev
How did you get your job?
I have a master’s degree in economics and worked about five years in foreign economic activity. Then I was looking for a new professional challenge. I have chosen risk management as a new fast-growing discipline with really challenging opportunities for career development. I have been working in the field of risk management since 2005 and have the proven Enterprise-Wide, Operational and Project Risk Management experience. My risk management roles and experience have been transferred across a wide range of sectors: industry – production (metallurgical and food) and construction, and banking and insurance sectors.
What’s a typical day like as an Operational Risk Consultant?
A typical day usually consists of three main tasks:
The first task is carrying out my daily risk management duties, which includes risk assessment and providing advice on a risk-related issue on department’s requests, reviewing transactions, looking at contracts, writing policies and procedures within the company or reporting on a project or the company’s financial situation.
Secondly I would say the most important task is to listen. I reach out to my colleagues – within risk management and across the organization, schedule one-on-one meetings where is necessary, and talk a little and listen a lot. Through open-ended discussions I am developing relationships and understanding the unique tasks that lie ahead. Through such meetings, I may identify some immediate improvements I can make to risk management. Or I may find a simple solution to some longstanding problem.
And the third task is to implement these for achieving some early successes. Optimally, these will be things everyone can support. They give me credibility and make people want to work with me as company’s risk manager. Early successes give me momentum to take on bigger challenges in the months ahead.
So a typical day is to perform the duties, listen, and achieve some early successes.
What do you enjoy most about your job?
I like dealing with people and enjoy the fact that as risk manager I have worked across a whole company, connecting the dots between finance, safety health and environment, supply chain, IT and HR, for instance, and successfully integrated risk management into the overall strategy has led to more intelligent and more sustainable decisions.
Also I enjoy great flexibility in the transferability of my expertise and skills across a wide range of sectors. Transferring across sectors can often open up opportunities to gain higher salaries, better prospects and sponsorship of further qualifications.
What are the challenges?
Digital risks are increasing as newer data sources and technologies are embedded by business. As organizations adopt more cloud technology and explore more digital business opportunities, existing risk management strategies and practices become quickly outdated.
I think that the digital risk management is the challenges in enterprise risk and security for businesses that are expanding the scope of technologies requiring protection. Development of a digital risk management capability requires deconstruction and re-engineering of current organizational structures and allocations of responsibility as well as the development of new capabilities in security and risk assessment, monitoring, analysis and control.
In what way is your IRM qualification relevant?
My IRM qualification is the ideal internationally recognized degree which helps me to demonstrate proficiency and dedication to the risk management discipline. It combines the theory with practical commentary using case studies to illustrate how the theory applies. IRM qualification provides me the relevant knowledge and practical skills I can apply immediately, whatever sector, organization or country.
How has your role developed and what are your career ambitions?
I started my risk management career through a post-graduate training programme and entered at a risk associate level in the business. On gaining experience my career has already developed to the level of head of operational risk management.
My career ambitions are to become a Chief Risk Officer as a board member and then an Independent Director in the international public company. I also want to promote the risk management development in Ukraine on the national level through the creation of generally accepted professional standards of risk management, the certification of experts on risk management and the creation of self-regulatory organization of risk managers in Ukraine.
I want to give the following advice to those thinking of becoming an effective risk manager:
First of all be a business person first and a risk manager second. You need to know how business decisions are made, how mistakes get covered up, how to “read the tea leaves” of interdepartmental politics, how to confront wrong-doing without adding to the problem. You need to know when to take a stand, when to back down, when to bide your time, and when to go to the CEO.
Secondly develop a good cross-department communication skills and an ability to build relationships. Employees in risk management area are becoming increasingly central figures within the organization, and an ability to effectively explain complex issues to people elsewhere in the business is key.
Thirdly keep your risk management knowledge and skills up to date. The environment is becoming noticeably more turbulent and challenging in a VUCA world (volatile, uncertain, complex, ambiguous) and it requires from the risk managers continuously refresh their existing knowledge and learn new skills. IRM training courses are the ideal way to keep them up to date with all aspects of risk management practice.