How the HR department plays a key role in risk management

  • Subscribe to updates

  • Privacy
  • This field is for validation purposes and should be left unchanged.

In this blog we discuss why the HR department is so important in risk management and how it helps with people risk management. Operational Risk Software can be key to supporting this discipline.   

Taken from: Mastering Risk Management 

The role of the HR department within any firm is about managing people and supporting the firm’s long-term business goals. HR is concerned with the longer-term people issues, matching resources to future needs and looking at structure, quality, culture, values and commitment. 

A good business strategy is informed by people factors and people are fundamental to sustainable value creation, which is why human capital is as important as the other capital assets. Human resource management informs the organisation’s business strategy. The way in which people are managed, motivated and deployed, and the availability of skills and knowledge, should all shape the business strategy. Workplace planning involves turning business strategy into action. The talent management strategy of the firm must be aligned to the business objectives of the firm and be regularly reviewed. 

HR adds value when it is in tune with the firm’s commercial needs and objectives. It does not need to be a large function. Indeed, in a well-run firm, it will not be because line management operates good people management. But it should be central to a firm’s management.

One question that is sometimes asked – does the head of HR have to be an HR professional, or would a good line manager be able to do the job just as well? Given the scale of financial and reputational risks of non-compliance with legislation – employment, discrimination, health and safety and so on – it’s important that they should have extensive experience of dealing with these issues and with all the ramifications of hiring and firing. In addition, a good head of HR needs a good knowledge of the business whose emotional health, in the shape of its people, they are responsible for. 


The HR strategy shows how HR supports the business and the firm’s objectives, focusing on longer-term people issues. HR policies provide general and practical advice and guidance for managers and staff on a range of employment issues. They outline the responsibilities of both the employer and employee in the employment relationship. They can impact on employee motivation, organisation reputation and the ability to attract and retain talent. 

Polices should include: 

  • Legislation, such as: disciplinary, equality and diversity, grievances, health and safety, protection of vulnerable people, whistleblowing
  • Specific people issues, such as: dignity and respect, hiring agency workers, mediation, redundancy, shared parental leave, secondments, and policies about pay and reward;
  • Employee issues, such as: alcohol and drugs, gifts, social media, smoking.

Risk Management

In the three lines of defence the apex of the second line, risk oversight, is the risk committee. If you argue that people are the firm’s biggest risk, especially in a services industry, the HR Director should be an integral member of the executive risk committee.

At the least, the HR lead should work closely with the head of the risk function. The risk management function has the responsibility of co-ordinating and challenging the risk assessments of all of the disciplines, along with options to address identified people risk issues and solutions. 

With the options identified, business line managers can make educated decisions on the course of action that is best aligned with their goals and commercial objectives, working with HR. It’s the line managers who are responsible for people risk issues. If HR is having to deal with these, then HR is being poorly used and people management is probably being poorly managed also. 


Increasingly, HR is using data to improve people management. Take an issue such as improving retention in a firm which is suffering from a high turnover of key employee groups. People analytics can anticipate areas in certain employee groups with specific issues and then tailor their incentives or other changes to curb attrition accordingly. 

Instead of absorbing the costs of losing key employees, the firm can mitigate against attrition rates by measuring the happiness and well-being of their employees and adapting their offer to employees accordingly. Career-development planning, and learning and development for high performers, are both ways in which HR departments can use HR data to help improve the morale of the workforce. 

In our next blog we will be talking about the different elements of People Risk Management.

Mastering Risk Management by Tony Blunden and John Thirlwell is published by FT International. Order your copy here:    

For more information about how Operational Risk software can help your organisation, contact us today on 

Related Posts

How to Foster a Culture of Risk Awareness in Your Bank: The Role of GRC Technology
The financial industry underpins the entire economic system by fostering trust and stability. Banks, a cornerstone of this ecosystem, play a critical role for individuals and businesses alike. For individuals, they act as trusted custodians, safeguarding hard-earned assets in the form of checking and savings accounts.  On a broader scale, banks facilitate commerce by offering …

How to Foster a Culture of Risk Awareness in Your Bank: The Role of GRC Technology Read More »

When managing People Risk, what are the key indicators?
In this, our final blog on the topic, we discuss the Key People Indicators for risk management. Operational Risk Software can be key to supporting this discipline.    Taken from: Mastering Risk Management  If people are, as a category, a firm’s biggest potential risk, it’s fair to ask what indicators are available to monitor that risk, …

When managing People Risk, what are the key indicators? Read More »

How do you mitigate People Risk?
In this blog we talk about key strategies for mitigating people risk and present a table to demonstrate context. Operational Risk Software can be key to supporting this discipline.    Taken from: Mastering Risk Management  Creating the right risk culture will do much to reduce people risks. After that, the fundamental way of mitigating those risks …

How do you mitigate People Risk? Read More »