Risk manager of the future in the digital age
This analysis addresses the challenges faced by risk managers in the digital age.

Is there a learning map, guide or curriculum that a risk practitioner can follow to help transform him/her into being a digital risk manager? 

Over the recent period, there has been much conversation about the 4th Industrial revolution and its impact on industries and the resources that work within, writes Nishkar Ballasur, IRMSA risk chat contributor.

The conversation of digitalisation continues and has intensified given the COVID-19 pandemic impact on the world which has thrust organisations into not just speaking about working in the digital age but rather enabling people, processes and systems to now continue operations with a strong digital presence,

These conversations, in most cases, were supplemented with multiple pleas made to employees to ensure that they embrace this new revolution by enhancing their knowledge and skills.

This is probably and arguably one of the most recently and frequently mentioned encouragement notes made from line management to direct reports. 

Read more:
Data breaches are becoming a common phenomenon in South Africa
Ed’s letter: Virtual engagements…seize the day!
Op-ed: Is your workforce skilled to overcome digital challenges?

A key observation to note though is whether the employee knows what he/she needs to do to upskill themselves to remain relevant?

The current risk practitioner faces the same challenges in that they have been informed and are aware that they need to re-armour themselves to operate within the new challenging environment however is there what I refer to as a “bridge”? 

Is there a learning map, guide, curriculum or similar that the risk practitioner can follow to help transform him/her into the digital risk manager? 

A simple analogy to serve as reference is requesting a new employee to begin a new piece of work without providing him/her with the guidance or tools to do so, it is simply not enough to just inform, enablers must exist for effective development and execution.

Many opinions exist on what knowledge and skills the risk manager of the future is required to obtain, in this article I refer to this role as the digital risk manager, however there could be various title interpretations across organisations. 

Simply positioned, this refers to the risk manager of the future.  In my opinion, this role is not similar to the IT Risk and Information Security Risk practitioner roles as these roles are normally more technical in nature; the digital risk manager role is intended to obtain sufficient and relevant competencies to understand and operate within the technology domain by bridging the gap between business and technical acumen and allowing them the opportunity to branch full time into a more technology risk role should their career path dictate. 

Following below, I have expressed my opinion of what I believe are the top 10 competencies required for the digital risk manager/risk manager of the future.  I further recommend that specific courses within these competencies be sought after. 

Competency levels can range from basic, intermediary to advanced, it is up to you as to how far you wish to develop your knowledge and skill level.

Top 10 competencies required for the digital risk manager

Competency 1 – IT 101
Obtain an understanding of information technology concepts such as hardware, software, databases, operating systems, applications, networking and similar.

Competency 2 – data analytics/big data
Obtain an understanding of data, information, insights, analysis and reporting tools, data interrogation and similar.

Competency 3 – phyton programming
In my opinion, it is not essential that a digital risk manager be able to perform programming however it is extremely useful for (i) providing logical and structured thinking skills and (ii) creating excitement and enjoyment when viewing how a program is created from infancy to product level.

Competency 4 – MS Office 365
Understanding the MS Office 365 toolset allows the digital risk manager to suggest solutions to business problems and allows for efficiencies to be created within current processes.

Competency 5 – robotics
Obtaining an understanding of the robotic process automation process and the various tools that exist to develop robots (automation of processes).  The digital risk manager does not need to know how to develop a robot using a particular software tool however if the interest exists, it’s a very useful aid in his/her armoury.

Competency 6 – cyber
Obtaining an understanding of the cyber space along with touchpoints to the other risk types.

Competency 7 – blockchain and cryptocurrencies
Obtaining an understanding of the definitions thereof and the potential threats to and opportunities for business.

Competency 8 – agile/innovation/invention
Obtaining an understanding as this will enable risk practioniers to look inwards to determine where this can be applied to optimise risk processes and delivery to our customers (internal and external). This helps promote innovative thinking on process and product improvements.

Competency 9 – fintech/regtech
Obtaining an understanding of the concepts and industries impacted including risk and opportunity.

Competency 10 – soft skills
Although being the last item listed, certainly not the least important, soft skills are critical especially during an age of robots where we do not wish for humans to behave in the same way as robots do thus making this the major differentiator in the modern world.

In addition to my suggested top 10 competencies, a reminder to take reference from the World Economic Forum (WEF) and its’ top list of skills required for the fourth industrial revolution, these being:

  • Creativity
  • People management
  • Emotional intelligence
  • Judgement and decision making
  • Critical thinking
  • Cognitive flexibility
  • Complex problem solving
  • Coordination with others
  • Service orientation
  • Negotiation

As risk practitioners, we must realise that even the given top 10 competencies will change over time and probably quicker than anticipated, given that topics such as quantum computing is yet to be considered. 

Still, we need to begin the journey and cross the bridge but must also remember that there is no destination, the bridge will continue to expand as our destination changes with time. 

The major principle remains, a bridge must exist to help move us to the changing landscape!