Man on ledge looking down.

I’ve enjoyed working with undergraduate and MBA students to help them develop an understanding of corporate risk management, including some basic risk management techniques that they can use throughout their professional careers — regardless of their chosen professional disciplines.

More often than not, there is a special “aha” moment that occurs when a student grasps the concept that an organization that relies on as few as one or two people to “do risk management” for the whole enterprise is going to have problems down the line.

Related: Self-insured risk financing: Is it right for your company?

Enterprise-wide understanding of risk

Similar conversations between professional risk managers and business colleagues tend to focus on how to make risk management more relevant to the business. The core of these questions is a genuine desire to understand how best to ensure maximum liability protection for the organization.

From a liability perspective, managing risk starts with making good decisions on the front lines. It helps to have an enterprise-wide understanding of how risk is created and managed. By working hand-in-hand with the different corporate functions (such as IT, finance, human resources, purchasing and legal) as well as operating units, the corporate risk manager can use these eight core levers to maximize liability protection for the organization:

Related: 18 emerging risks for the insurance industry, its customers and society at large

Risk profile dial from poor to excellent(Photo: Shutterstock)

1. Understand the risk profile

The organization should understand the root causes and enablers of its liability risks. This includes understanding who creates each risk, who owns each risk and who manages or influences each risk. For example, a product liability risk can be created in design or manufacturing, owned by the business unit finance team, and managed by risk management or legal colleagues.

Although the risk manager can facilitate this understanding, the risk manager will need input and buy-in from the business, from internal and possibly external subject matter experts, from other corporate functions, and most assuredly from the risk owners themselves. It helps to understand the causes and impacts of the risk at an enterprise level.

Related: Risk management savings vs. sensibility

Young African American businessman making presentation with chart(Photo: Shutterstock)

2. Understand the risk implications for the business

The risk manager should facilitate a thorough assessment of the risk using both qualitative and, when possible, quantitative techniques.

It’s not enough to estimate the risk using past history, although this is a key input. The risk manager should facilitate understanding of how the risk can be expected to affect the organization in the near term as part of the business plan cycle and in the future in alignment with the strategic plan where possible. This includes an understanding of potential financial, reputational, legal and organization impacts to the organization.

Related: Company cyberinsurance — the supply chain dilemma

Risk tolerance on keyboard with dice(Photo: Shutterstock)

3. Understand the organization’s risk tolerances

Recognizing that safe products and services are the top priority, accidents or other events affect an organization in several ways including potential liability claims. The leadership team and board of directors should understand the potential impact of major risks to the organization, and they should reach agreement on the amount of risk that is acceptable whether measured in human, financial, reputational or other terms.

Risk in excess of the risk tolerance should be improved through the right combination of risk management methods and tools, and it should be monitored regularly for any changes. The goal should be leadership team alignment regarding the organization’s willingness to allocate resources such as people, cost and management bandwidth to address each risk appropriately.

Related: 3 issues with insurance for 3D printing, sharing economy, emerging industries

Water bottle assembly line(Photo: Shutterstock)

4. Understand the dynamics of the business

Often, organizations fail to understand that decisions made during the pre-product or pre-service planning stage can have risk implications that extend for years. One example of this is in manufacturing, where decisions made during design and sourcing can affect the liability profile of a product line many years down the road.

By partnering with business colleagues who touch the lifecycle of a product, service or business contract, the risk manager has a better opportunity to help fellow leaders enable the organization to achieve its goals and objectives in the safest possible manner.

Related: Talc, product liability insurance and recent class action lawsuits

Risk assessment chart(Photo: Shutterstock)

5. Develop a liability risk management strategy

Risk should be managed within tolerance using the right combination of risk management methods and tools.

These may include risk and safety audits, risk control reviews, safety planning and education, risk discussions embedded within research, design and testing, other risk control and mitigation actions, appropriate contractual arrangements, and insurance.

Related: Working with environmental consultants: What risk managers need to know

Two diverse business teams reach agreement(Photo: Shutterstock)

6. Develop, negotiate and manage best-in-class insurance programs

The risk manager who truly understands the organization’s risk profile is in a better position to structure, negotiate and manage the corporate insurance program.

In the area of liability risk management, this often starts with an understanding of the organization’s risk and claims profile.

Related: Is using a captive the right move for your organization?

Claims management road signs(Photo: Shutterstock)

7. Ensuring effective claims management

A well-designed claims management function, whether in-house or provided externally by an insurer or other provider, is a key element in a liability risk management program.

Managing claims well from start to finish is the best way to ensure the right outcomes for claimants and the organization itself. It’s also a good way to gain the insights and analysis needed to manage liability risk as proactively as possible.

Related: Managing today’s claims while planning for tomorrow’s technology

Business man and woman reviewing documents(Photo: Shutterstock)

8. Leverage the knowledge, skills and network of your broker

Ask whether your coverage wordings including terms and conditions that are best-in-class for your business. Make sure your limits and program structure align with the risk and with your company’s financial posture and risk tolerance. Leverage the broker’s databases, risk quantification models and trusted advisors to understand the risk profile and how it might evolve over time.

Ask the broker and insurer to recommend the most appropriate pre-loss and post-loss services to assist with the overall liability management plan, as well as potential claim scenarios.

Related: How insurance brokers remain relevant in the 21st century

Learning how to deal with the complex network of insurers, brokers, service providers, internal stakeholders, claimants, business leaders and functional colleagues, and others who are part of any organization’s risk management system, is a core skill for any risk manager. This operational excellence approach to liability management will help the corporate risk manager understand, manage, insure and report liability risks effectively.

Related: 3 ways data science is changing commercial underwriting

Laurie Champion is managing director and chief operating officer at Aon Risk SolutionsOpinions expressed in this article are her own.