Quest Magazine - Home

Risk Management

Risk Management

Ready for risk? The skills required to ‘know your enemy’, and the development of tactics to counter that enemy, are basic risk management aptitudes. This means that, without even knowing it, you may have spent a significant proportion of your Services career preparing for a role in this industry – and could well be more ready than you know for a rewarding new career in risk management …

What’s involved?

Risk is part of all our lives – as we have been reminded in no uncertain terms thanks to the coronavirus pandemic. As a society, we need to take risks in order to grow and develop. From energy to infrastructure, supply chains to airport security, hospitals to housing, effectively managed risks help societies to achieve. In our fast-paced world, the risks we need to manage evolve quickly. We must ensure we manage risks in such a way that we minimise their threats and maximise their potential.

Risk management involves understanding, analysing and addressing risk to make sure organisations achieve their objectives. So it must be proportionate to the complexity and type of organisation involved. Enterprise risk management (ERM) is an integrated and joined-up approach to managing risk across an organisation and its extended networks.

Because risk is inherent to everything we do, the types of work undertaken by risk professionals are incredibly diverse. They include roles in insurance, business continuity (click here to read our feature about that), health and safety, corporate governance, engineering, planning and financial services.

The work is likely to be primarily office based but often includes visits to other offices to see clients (if you’re working in consultancy) or to sites (if you’re working in sectors such as construction). At a more senior level, you may spend time away from the office at conferences and so on.

Travel within the working day is common, but depends on the size of the organisation and your level of responsibility. Risk management jobs are available across the UK, but overseas travel may be required if you work for a company that operates internationally.

Risk management strategies and processes

According to technology-focused website TechTarget, all risk management plans – in whichever area or sector they are applied – follow the same steps that combine to make up the overall risk management process. These are as follows.

  • Risk identification: the company identifies and defines potential risks that may negatively influence a specific company process or project.
  • Risk analysis: once a specific type of risk has been identified, the company determines the odds of it occurring, as well as its consequences. The goal of the analysis is to further understand each specific instance of risk, and how it could influence the company’s projects and objectives.
  • Risk assessment and evaluation: the risk is then further evaluated after determining its overall likelihood of occurrence combined with its overall consequence. The company can then make decisions as to whether the risk is acceptable and whether the company is willing to take it on based on its risk appetite.
  • Risk mitigation: during this step, companies assess their highest-ranked risks and develop a plan to alleviate them using specific risk controls. These plans include risk mitigation processes, risk prevention tactics and contingency plans in the event the risk occurs.
  • Risk monitoring: part of the mitigation plan includes following up on both the risks and the overall plan to continuously monitor and track new and existing risks. The overall risk management process should also be reviewed and updated accordingly.

Skill up while serving

Click here and here to read two in-depth case studies, which highlight how ex-Services personnel have used their Forces experience and transferable skills to make a successful transition to a civilian career in risk management. You might be surprised at the sort of parallels there are between military roles and risk-management careers.



The basic skills you will need for a successful career in risk management include:

  • technical acumen
  • problem-solving and decision-making abilities
  • analytical skills and a good eye for detail
  • the ability to cope under pressure
  • planning and organisational skills
  • negotiation skills and the ability to influence people
  • good communication and presentation skills
  • commercial awareness
  • numerical skills and the ability to evaluate costs
  • the ability to understand broad business issues.

Source: Prospects


In addition to the above, individual companies may advertise opportunities on their websites. There are also specialist recruitment agencies that have details of risk management vacancies. These include:

  • Adam Appointments – an agency for risk management recruitment in Scotland
  • IPS Group – handles the recruitment of risk managers in a variety of sectors and locations.

Get qualified!

Risk management is not an entry-level role, however it is possible to get into the sector without a degree. If that’s you, you will probably start in an administrative role before working your way up to a risk assistant position and then progressing to a risk manager role. Employers expect A-levels or equivalent qualifications for those entering via this route.

Although this area of work is open to all graduates, a degree in one of the following subjects is likely to improve your chances:

  • engineering
  • finance or economics
  • law
  • management or business studies
  • risk management
  • science
  • statistics.

Those graduating from risk management courses, or courses with a risk management component, are highly sought after by recruiters of risk managers.

Students on risk management degree and postgraduate courses can apply for free student membership of the Institute of Risk Management (IRM), which could well improve their job prospects. The IRM’s website has full details of the different levels of membership available.

Another option is for graduates of less relevant subjects to take the IRM’s International Certificate in Enterprise Risk Management (see below), which will give them an introduction to risk management and increase their chances of securing an entry-level position.

The Institute of Risk Management

The mission of the IRM is to build excellence in risk management, in all sectors and across the world. Click here to see how a variety of people have benefited from IRM qualifications and membership.

Example qualifications

International Certificate in Enterprise Risk Management

For those new to this career area, the IRM offers its International Certificate in Enterprise Risk Management, an introductory distance learning qualification, which takes six to nine months to complete. It is delivered as two modules, which are taken simultaneously. It offers a thorough grounding in the principles and practice of risk management.

Digital Risk Management Certificate

Also from the IRM, the Digital Risk Management Certificate is the ideal qualification for those looking to develop an understanding of risk management in the digital era. It has been designed to introduce learners to digital disruption, its causes and consequences, and to equip them with the tools and techniques necessary to apply their skills in an increasingly digital world. Taking six to nine months to complete, the certificate is a distance learning study programme that is relevant to all sectors.

International Certificate in Financial Services Risk Management

The IRM also offers the International Certificate in Financial Services Risk Management, which is a degree-equivalent qualification. Although there are no formal entry requirements, students are expected to have some knowledge of risk management tools and techniques. The course is delivered through supported distance learning, which includes directed self-study and online coaching.

NEBOSH National Certificate in Fire Safety and Risk Management

This accredited qualification is particularly popular with Service leavers and offered by many ELCAS approved training providers. Holders of the certificate help their organisation to ensure it meets its fire safety responsibilities, leading to a safer environment for employees and visitors to premises, and an improved fire safety culture for employers and building managers. It is therefore also suitable for those moving into fire safety adviser roles. The course covers the management of health and safety – and in particular fire safety – including legal requirements.

No previous health and safety or fire safety knowledge is required. The qualification is divided into three units, each of which is assessed separately: 

  • Management of Health and Safety 
  • Fire Safety and Risk Management
  • Practical Fire Risk Assessment.

This modular structure provides great flexibility, enabling students to choose to study individual units in any order over a five-year period.

Course fees are determined by individual course providers and vary depending on the format of the course. You should plan your study around a minimum of 70 taught hours and approximately 55 hours of private study and background reading. Training providers offer courses to fit around your requirements, via:

  • distance or blended learning 
  • day or evening courses over a number of weeks
  • block release or modular courses.

Find out more by clicking here.

Other course providers

Other professional bodies that offer sector- or occupation-specific risk management training include:

Postgraduate qualifications

Postgraduate qualifications are not essential but can be advantageous. A master’s in risk management is also available at a number of universities and may be particularly relevant if you have not completed a risk management-related degree.

Continuing professional development (CPD) is also important and the IRM runs a range of courses and training events throughout the year, to help risk managers keep up to date with developments in the area and refresh their skills.

Use your ELC

Under the ELC scheme, a wide range of learning can be taken, provided it is offered by an approved provider listed on the ELC website and is at level 3 or above. For full details of how to make the most of your ELC, refer to our in-depth features elsewhere on this website.

Finding employment

Risk-related careers are incredibly diverse, reflecting the widespread role of risk management in companies and communities. Risk roles range from banking and insurance to logistics and infrastructure, aviation, space travel, construction, public health, international development and many more. Because of their highly transferable skills, qualified and experienced risk management professionals are able to move easily between different sectors and countries. Transferring across sectors can often open up opportunities to gain higher salaries, better prospects and sponsorship of further qualifications.

Employers of risk managers include:

  • banks
  • charities and commercial businesses
  • energy and utilities companies
  • engineering and construction companies
  • insurance companies
  • NHS trusts
  • local authorities.

At higher levels, employers look for experience or knowledge of risk management, so it may be useful to seek work placements during leave time if these are not part of a course you are taking or plan to take. This could set you up with risk and insurance contacts, which could help your future job prospects. Experience from your Service career could also be useful if it relates to the sector in which you wish to specialise in a risk management role.

There are also opportunities for self-employment for experienced risk managers who wish to set up their own consultancies. There may also be opportunities to work abroad as demand for risk managers is growing, particularly in new fast-developing economies. 

What can you earn?

Note: the following figures are intended as a guideline only.

As mentioned above, risk management is not an entry-level role. Typical starting salaries for those beginning in a risk technician role are around £21,250. Risk analysts with between one and six years’ experience can earn from £29,000 to £44,000. With several years’ experience at risk manager level, salaries can range from £46,500 to £74,000. With substantial experience at director level it is possible to earn upwards of £70,000.

Salaries vary widely depending on sector, level of responsibility and location. The highest salaries are found in the financial sector and in London-based positions.


University College of Estate Management | Risk Management
UCEM is the leading provider of supported online education for the Built Environment, with over 95 years’ experience of providing the highest quality learning opportunities. At any one time, we have more than 3,500 students from more than 100 countries benefiting from our qualifications taught by tutors with extensive industry experience.
O’Halloran & O’Brien | Risk Management
O’Halloran & O’Brien Ltd has established itself as a leading groundwork and civil engineering contractor in the South East of England, with offices in Kent and Surrey. With professional staff and highly qualified labour, we are able to work closely with our clients to provide competitive solutions to complex developments; providing engineering solutions and groundworks services.
South East
Dorset Health and Safety Limited (Salisbury) | Risk Management
Dorset Health and Safety Limited is a training company based in Salisbury and the leading health and safety course provider in the southwest. We pride ourselves in being able to provide an unbeatable personal service from the time of booking, throughout your time spent training with us and beyond. We are accredited to deliver NEBOSH, IOSH and Qualsafe Award training courses and have delivered successful training to well over 2,500 delegates to date. As well as being and Approved ELCAS Course Provider we are also a CTP Preferred Supplier.
South West
Inspired2learn | Risk Management
Are you ready to manage, lead, coach or mentor others in a new job role in ‘civvy street’?
International, Nationwide, South West
See all our training courses See all