• About us
  • Raising the Bar
  • Raising your Game
  • The Extra G - Geopolitical
  • Risk Matters - Roundtables
  • Leadership Team
  • Events
  • Blog
  • Contact
  • Menu

The Risk Coalition

  • About us
  • Raising the Bar
  • Raising your Game
  • The Extra G - Geopolitical
  • Risk Matters - Roundtables
  • Leadership Team
  • Events
  • Blog
  • Contact

People risk: two key focus areas in an evolving risk landscape

February 15, 2022

The risk landscape of 2022 is perhaps clearer than many other years.  One area of risk stands out – People Risk.  Where failures occur it is often the actions or inactions of people which have been at the root cause of the issues identified.  And these risks will be exacerbated in 2022 by two main factors – staff shortages caused by ‘The Great Resignation’, and the challenges associated with the continuation of hybrid working. 

The Great Resignation

The loss of personnel can cause issues across all levels of the organisation:

  • Senior management – key person dependency, loss of strategic direction, inability to fulfil SMCR requirements

  • Back office –project completion risk, failures of systems and processes

  • Customer facing staff – customer detriment, increased errors, increased stress. 

In reducing the risks associated with staff losses, there are some quick wins, but firms should also take a more strategic view and consider some of the structural issues and push factors within the business that are causing staff to leave.  Mitigations include:

  • Leadership – throughout the pandemic and beyond, staff are looking for inspirational leaders who are exemplars of good practice.  People join organisations, but they leave bosses

  • Key person dependency and succession planning – understanding who the key people are and putting in place realistic succession plans is a key mitigation

  • Ways of working – employees today are looking for working environments with a greater degree of flexibility.  After two years of lock-down, firms attempting to enforce a full-time return to the office will see significant staff push-back.

BAU hybrid working

As Covid eases many firms are transitioning from the ways of working during lockdown (effectively an extended business continuity exercise) to a more formalised BAU hybrid working approach.  And in doing so, it is important for organisations to recognise the inherent risks that come with a decentralised delivery business model, such as: failures in staff oversight and culture, data security, weakened spans of control etc.

Firms need to recognise the risks and put in place a clear action plan to control them, including in relation to:

  • Risk monitoring and control – firms should recognise the enhanced risks that hybrid working can bring, and build this into the ERMF (extended risk management framework)

  • Culture – an effective culture is a key mechanism for promoting control and good practice, across a distributed workforce.  It is the glue that holds the organisation together

  • Management – effective managers are coaches not custodians. They are output not time focussed and are able to project culture and control across a decentralised workspace

  • Recruitment – with staffing pressures there is a temptation to put ‘bums on seats’.  But firms should select staff for the new normal – candidates who demonstrate self-motivation and integrity.

 

Frank Brown is Practice Lead at Bovill.  His blog is an extract from his paper which explores People Risk in greater detail

Tags: Frank Brown
Prev / Next

Blog

Featured
May 8, 2026
Ewan Willars
Uncovering a hidden risk - focusing on intelligibility
May 8, 2026
Ewan Willars
May 8, 2026
Ewan Willars
December 15, 2025
Risk Matters: ECCTA – in the Boardroom
December 15, 2025
December 15, 2025
October 27, 2025
Hanif Barma
Strengthening risk oversight
October 27, 2025
Hanif Barma
October 27, 2025
Hanif Barma
September 16, 2025
True, Fair... and Future-Proof: Risk Accounting for a New Era
September 16, 2025
September 16, 2025
September 16, 2025
Risk Matters Blog – The Anatomy of a Ransomware Attack
September 16, 2025
September 16, 2025
April 15, 2025
Vera Cherepanova
The future of ESG: navigating a fragmented landscape
April 15, 2025
Vera Cherepanova
April 15, 2025
Vera Cherepanova
March 6, 2025
Mo Warsame, Gavin Hayes
Internal audit and risk management must work together to navigate uncertainty
March 6, 2025
Mo Warsame, Gavin Hayes
March 6, 2025
Mo Warsame, Gavin Hayes
September 4, 2024
Polly Williams, Mia Harris
Three key threats of phishing to be aware of
September 4, 2024
Polly Williams, Mia Harris
September 4, 2024
Polly Williams, Mia Harris
August 25, 2024
Felix Ritchie
Principles versus rules in data and corporate governance
August 25, 2024
Felix Ritchie
August 25, 2024
Felix Ritchie
July 16, 2024
Jane Hunter, Mia Harris
How can you maintain high standards in your business without suffering burnout?
July 16, 2024
Jane Hunter, Mia Harris
July 16, 2024
Jane Hunter, Mia Harris
June 2, 2024
Afshan Moeed
Enforcement of individual accountability in UK banking: a new boardroom recipe for change or continuity?
June 2, 2024
Afshan Moeed
June 2, 2024
Afshan Moeed
May 28, 2024
Craig Morris, Mia Harris
Three exciting new developments for AI in 2024 that you need to know about
May 28, 2024
Craig Morris, Mia Harris
May 28, 2024
Craig Morris, Mia Harris
May 24, 2024
Stefan Hunziker
The stuff of nightmares: risk management is shut down, and nobody notices
May 24, 2024
Stefan Hunziker
May 24, 2024
Stefan Hunziker
March 20, 2024
Neil Tinegate
What should boards know about digital technology?
March 20, 2024
Neil Tinegate
March 20, 2024
Neil Tinegate
March 15, 2024
Francis Kean
The insolvency risk for company directors - are you swimming naked?
March 15, 2024
Francis Kean
March 15, 2024
Francis Kean