Language determines how people share information, invoke emotion in others, or persuade them to action. The words chosen also frame a listener's perspective on an individual beyond simply that interaction. How people select and use words appropriately in a situation is important.
With this as a backdrop, it was no surprise that when my business partner referred to "risk as the Rosetta Stone" for business, the concept rang true. The Rosetta Stone, discovered in 1799, allowed people to decipher once-challenging Egyptian hieroglyphics. Having the key to deciphering the message unlocked understanding and knowledge previously unavailable.
Using the language of risk offers a similar master decoding structure--in this case, for businesses to leverage for greater understanding. Business demands as varied as resource allocation and product innovation will benefit from the use of a shared risk language that enables the organization to build from a common baseline. Leveraging a common organizational language can increase the organizations efficiency and heighten value delivery. For auditors, leveraging components of a shared language can not only increase message clarity and enable more effective communications with business partners, but also enhance the understanding and outcomes of audits, projects, and advisory engagements.
The Language of Risk
Much as a language is made of key components such as vocabulary (shared definition of words and terms), syntax (arranging words in a sentence for meaning), and pragmatic rules for situational use, the language of risk is made of standard components. Ensuring these components are designed, shared, and understood across the organization supports effective communications and decision-making. Internal auditors should consider how these key risk components are structured in their organization and whether modifications or increased awareness might further enable their use as a common language for the business.
Taxonomies (a common vocabulary) The core of any common language leverages a shared baseline. In risk-speak, this baseline is a taxonomy, naming standard, or universe definition. The risk universe or other classification structure provides a consistent lens to assess operational activities, monitor and compare effectiveness, and frame the scope of project or risk remediation efforts. A defined taxonomy also allows for a common aggregated reporting structure. This structure enables effective business...