Colonel Arun Hariharan
Vice President, National Head – Nodal,
Security and EHS, Bharti Airtel Ltd
What is Risk Management?
The term Risk Management is loosely used both in the military as well as the corporate environs. It is nothing but something we do in our day to day lives, all the time – whether it is a decision to buy a new car, changing jobs or even a simple thing such as crossing the road.
To put it across simply, Risk Management is the process of identifying, assessing, and controlling potential risks that could negatively impact an organization or project. These risks could arise from a wide range of sources, including financial uncertainties, legal liabilities, strategic management errors, accidents, natural disasters, cybersecurity threats, or operational failures.
Effective risk management helps organizations minimize losses, protect assets, ensure compliance with regulations, maintain operational continuity, and enhance decision-making. In a rapidly changing and uncertain world, proactive risk management is vital for achieving long-term success.
Let us now examine how this works in the military and in the corporate – the differences and the overlaps.
Risk Management in the Military
Risk management in the military is a systematic process used to identify, assess, and control risks associated with military operations, training, and other activities. Its primary goal is to preserve combat power, conserve resources, and increase operational effectiveness while minimizing unnecessary loss or damage.
Military risk management typically follows a structured approach such as the U.S. Army’s 5-step model:
1. Identify hazards: Recognizing potential dangers in various military activities.
2. Assess hazards: Evaluating the likelihood and severity of identified hazards.
3. Develop controls and make risk decisions: Developing and implementing measures to reduce or eliminate risks, by using risk information to inform operational planning and execution.
4. Implement controls: Implementing strategies to minimize the risks. This could involve reducing the probability of the risk happening or lessening its impact if it does occur.
5. Supervise and evaluate: Continuously tracking risks, reviewing the effectiveness of risk mitigation efforts, and adjusting strategies as needed.
This process helps military leaders balance mission requirements with personnel and equipment safety, ensuring that risks are taken only when the potential benefits outweigh the possible losses.
Risk Management in a Corporate Scenario vs the Military
Risk management in the corporate world shares some similarities with military risk management, but there are notable differences in focus, scope and implementation. This stems from the basic purposes of both these organisations. Whereas, in the armed forces focus is on effective training, seamless logistics and winning wars, in a business enterprise it is about staying competitive in the market, generating profits, regulatory compliances, organisational reputation etc.
Hence, though at a high level the process remains same there are nuanced differences. In simple terms, here’s how corporate risk management differs in the two fields:
| Parameter | Corporate | Military | |
| 1 | Focus | Primarily focused on financial risks, reputation, and business continuity. | Centred on operational effectiveness and preserving combat power. |
| 2 | Types of risks | Market risks, credit risks, operational risks, legal/ compliance risks, strategic risks. | Combat-related risks, equipment failures, personnel safety, mission failure. |
| 3 | Regulatory environment | Governed by various laws and regulations (e.g., Unified Licence for telecom operators, RBI regulations for banks). | Follows military doctrine and government regulations. |
| 4 | Stakeholders | Shareholders, customers, employees, regulators. | Government, soldiers, allies, civilians in operational areas. |
| 5 | Risk appetite | Often defined by board of directors, balancing risk and reward for profit. | Determined by mission objectives and strategic importance. |
| 6 | Time horizon | Can range from short-term to long-term, often with a focus on quarterly or annual results. | Mission-specific, can be immediate (tactical) or long-term (strategic). |
| 7 | Tools and methodologies | ERM framework, ISO 31000, financial modelling, scenario analysis. | Specific military risk assessment tools, after-action reviews. |
| 8 | Reporting | Regular risk reports to management, board, and sometimes public disclosures. | Often classified, reported through chain of command. |
| 9 | Risk transfer | Can use insurance, derivatives, or other financial instruments to transfer risk. | Limited options for risk transfer; risks are usually managed internally. |
| 10 | Cultural aspects | Risk culture varies widely between organizations and industries. | Strong emphasis on safety and operational security across the organization. |
| 11 | Consequences of failure | Financial losses, reputational damage, legal liabilities. | Potential loss of life, mission failure, national security implications. |
| 12 | Innovation and risk-taking | Often encourages calculated risk-taking for competitive advantage. | Emphasizes following established protocols, with innovation focused on enhancing capabilities and safety. |
While both sectors endeavour to manage risks effectively, the corporate world generally has more flexibility in its approach and can often take on more risks in pursuit of profits. The military, given its critical role in national security and catastrophic nature of failure, tends to be more conservative in its risk management practices.
Transitioning Military Personnel and Risk Management as a Career
Transitioning military personnel often possess skills such as leadership, decision-making under pressure, operational planning, and risk assessment – qualities that naturally align well with various subdomains of risk management. Hence risk management is a good career option for veterans seeking jobs in the business sector.
The term Risk Management is loosely used both in the military as well as the corporate environs. It is nothing but something we do in our day to day lives, all the time – whether it is a decision to buy a new car, changing jobs or even a simple thing such as crossing the road
Based on exposure to the sector, here are some recommended subdomains and related industries that could be a good fit:
Operational Risk Management
● Fit: Veterans excel in understanding and mitigating risks tied to processes and operations.
● Industries:
– Manufacturing.
– Logistics and Supply Chain.
– Aviation and Aerospace.
– Healthcare (hospitals, emergency services).
Security Risk Management
● Fit: Military backgrounds provide excellent training in physical security, threat assessment, and protection.
● Industries:
– Corporate Security
– Critical Infrastructure
(telecom, energy, water, utilities).
– Event Management.
– Financial Institutions
(fraud, cybercrime prevention).
Cybersecurity Risk Management
● Fit: Many veterans come from IT, communications, or intelligence backgrounds and can transition well into cybersecurity roles.
● Industries:
– Technology and Software Development.
– Telecommunications .
– Financial Services.
– Healthcare (patient data protection).
Compliance and Regulatory Risk
● Fit: Those with experience in adhering to rules, protocols, and compliance regulations in the military will find this domain familiar.
● Industries:
– Financial Services (banks, insurance).
– Healthcare (NABL, ICMR, FDA compliance).
– Pharmaceuticals (CDSCO compliance).
– Infrastructure Contractors.
Strategic Risk Management
● Fit: Veterans skilled in long-term planning and scenario analysis could transition to roles assessing market, financial, or political risks.
● Industries:
– Consulting Firms.
– Multinational Corporations.
– Energy (oil and gas, renewables).
– Financial Services.
Crisis Management and Business Continuity
● Fit: Military personnel often have experience in emergency planning and disaster response.
● Industries:
– Insurance.
– Telecommuncation.
– Hospitality (hotels, resorts).
– Retail and E-commerce.
Environmental and Health & Safety (EHS) Risk
● Fit: Veterans with backgrounds in logistics, engineering, or environmental operations would adapt well to managing safety risks.
● Industries:
– Construction and Engineering.
– Energy (oil, gas, mining).
– All kinds of manufacturing.
– Transportation.
Fraud and Financial Crime Risk Management
● Fit: Intelligence and investigation skills translate effectively to identifying and mitigating financial crimes.
● Industries:
– Banking and Financial Institutions.
– Insurance.
– Telecommunication.
Project Risk Management
● Fit: Experience managing military operations or engineering projects allows for a smooth transition into risk assessment for large projects.
● Industries:
– Construction.
– Technology Implementation.
– Infrastructure Projects.
Building Up Skill Sets for taking up Risk Management as a Career
For military personnel aspiring to transition into risk management, acquiring the right qualifications, certifications, and skills is crucial to stand out and excel in the field.
Here’s some advice to guide your journey:
Pursue Relevant Certifications
Certifications help validate your expertise and signal your readiness to work in risk management. Here are some widely recognized ones to consider:
● Certified Risk Management Professional (CRMP): Validates broad risk management knowledge.
● Information Security and Business Continuity Certifications (e.g., ISO 27001, CISSP, ISO 22301, CBCP, MBCI): Ideal for those moving into cybersecurity and business continuity risk management.
● Certified Fraud Examiner (CFE): Focuses on fraud prevention and investigation.
● Project Management Professional (PMP): Helpful if you’re aiming for project risk management.
● Environment, Occupational Health and Safety Certifications (e.g., ISO 45001, ISO 14001, NEBOSH, OSHA): Critical for environmental and safety risk roles.
Leverage Military Experience
Highlight your military background in areas like operational risk, crisis management, security, and leadership. This practical experience is a strength and can make you an attractive candidate in risk management, especially in industries like defence, government, and corporate security.
Develop Industry-Specific Knowledge
Tailor your knowledge to specific industries where risk management is critical. For instance, if you’re targeting financial services, familiarize yourself with financial regulations, fraud detection, and compliance issues. If cybersecurity is your focus, study cyber laws, network security, and data protection.
Earn a Relevant Degree or Training
While military experience is valuable, a degree in a related field can enhance your qualifications. Consider degrees or certifications in:
● Risk Management.
● Business Administration.
● Information Security.
● Finance.
● Environmental Health & Safety.
Many institutions offer online or part-time programs that can be pursued while transitioning.
Sharpen Analytical and Communication Skills
Risk management requires strong analytical skills to assess risks and their potential impacts. Equally important are communication skills, as you’ll need to convey risk assessments, strategies, and recommendations to stakeholders clearly. Consider training or workshops that improve these areas.
Network with Industry Professionals
Networking is key in your transition. Join professional organizations such as the Project Management Institute (PMI), Risk and Insurance Management Society (RIMS), Information Systems Audit and Control Association (ISACA), ASIS International or Association of Certified Fraud Examiners (ACFE). Attend events, webinars, and seminars to connect with risk professionals and stay updated on industry trends.
Gain Practical Experience
Internships, part-time roles, or volunteering can provide hands-on experience in risk management and help you apply your military skills in civilian contexts. Seek out opportunities in the sectors you want to enter.
Keep Up with Regulations and Industry Changes
Risk management is a dynamic field. Regularly read industry publications, follow thought leaders, and stay informed on changes in laws, regulations, and risk trends specific to the field you wish to enter. This will also prepare you for interviews and job success.
By combining your military expertise with targeted education, certifications, networking, and hands-on experience, you’ll be well-equipped to succeed in risk management.
