International firms must retain risk management at local and regional levels says Dr Bruno Brühwiler

Multinationals must allow line managers to retain a level of responsibility in risk management and avoid centralising risk within the company, according to Dr Bruno Brühwiler.

ISO 31000 committee convenor Brühwiler believes risk management should not be defined as a responsibility of line management or as a separate function, but rather an overlap of the two.

Speaking to StrategicRISK at the BSI Risk and Resilience conference 2014, Brühwiler said: “It is wrong to centralise risk management because you must be careful not to construct a bureaucracy.

“For instance, it does not make sense to centralise risks from all corners of the earth in London or in Zurich. It is important that top management knows the key risks from around the world but it is also important that middle management know the risks within their responsibility.”

He said for larger multinationals, risk management must be broken down to appropriate levels of responsibility, which enables top management to control the direction of the firm’s risk approach.

He said: “It’s all about breaking down the risks to the responsibilities of management. Top management must ensure that risk management is effective at all levels of the organisation.”

Addressing the conference, Brühwiler spoke about the evolution of risk management and the success of the ISO 31000 since its introduction as a standard for risk management in 2005.