Return to Search

Join our mailing list

Sign up to our free mailing list to stay updated on the latest from the IRM.

Subscribe Now

Risk in Focus: Stephanie Jackson Senior Enterprise Risk Consultant, UK Risk Ageas

The Institute of Risk Management (IRM) asks its members what working in risk is really like and what hints and tips they'd share with people looking to move in to risk.


Stephanie Jackson

Senior Enterprise Risk Consultant, UK Risk 



How did you get your job?  

I previously worked in a second line assurance function as Compliance Manager which had elements of overlap into the risk world. My interest grew towards different risk themes and areas of focus at the time and the analytical and diverse natural of the role. The risk function at the time were in their infancy and were looking to grow so it was a relatively straight forward transition internally into a Risk Manager role as both required similar skill sets. 

What’s a typical day like as a Risk Consultant?

Very diverse, with constant engagement with the business to ensure you have a sound knowledge of what’s going on and any areas of concern or any incidents.  A typical day might consistent of meetings with individuals such as; functional managers, risk or control owners or risk coordinators. Ad-hoc areas of support, planning or undertaking elements of assurance activity, control review or assurance reporting.

What do you enjoy most about your job?

I love the diversity of the role and the opportunity it provides you in developing your own knowledge across an ever evolving business and market place and the opportunity to really make a difference to the business in key decision making.

What are the challenges?

I think there’s always historically been a challenge around embedding risk culture and in articulating the value effective risk management adds to a business. So changing mind sets and working closely with certain individuals to help them better understand can often be one of the more the challenging parts to the role, which is where your influencing skills often play a part. Upon reflection this is also one of the most rewarding parts as after working with individuals and building relationships to overcome barriers such as this the same individuals consistently come back for support and assurance around the their own views and risk approach.

What would you say to others thinking about taking the Digital Certificate?

The Digital Risk Certificate has helped to provide a more rounded understanding of today’s cyber and business digitisation risks and mitigation strategies. A topic which couldn’t be more important in today’s direction of travel. Areas of focus within the different modules are relevant to all industries making this a great qualification for all.

What have you been able to put into practice in your job as a result of what you have learnt?

A new detailed understanding of cyber-crime including technique, terminology, areas of vulnerability, systems and controls has enabled me to better understand existing cyber related and information security controls and to analyse control evaluation more effectively in these areas. 

Top tips

  • Focus on building and aligning your current skill set to that of a typical Risk Consultant role e.g. Analytical, organisational, change management, numeracy and report writing skills.
  • A key part of the role is about engaging with the business, thinking about how you could articulate your people skills in an interview.
  • Thinking about building your portfolio of Risk Management qualifications, most of which are through flexible learning and won’t impact your day job. There is a great range starting with basic certificates in Risk Management which are ideal for those looking to get into or who have just started a Risk Management role.
Posted in News item