top of page

Risk Workflow

Goldman Sachs, 2017-18

System summary

Risk management as a function is both time-critical and has little to no tolerance for error. Risk managers spend their days pouring over information from various sources, understanding the markets, and formulating narratives. They then look at their firm positioning and make suggestions to align the firm favorably to those market conditions. However, the actual operations of this job include gathering data from multiple sources, tracking many asynchronous processes, validating model output, and performing governance, all in real time. To make working along with various processes and systems easier, my team and I designed a workflow tool to track progress and introduced checks and balances to reduce human-introduced operational errors.


Risk Management

~300 people

Responsible for validating and interpreting data to make risk management decisions.

Core Team

4 people

Worked actively to build the system

My role

Product lead, Risk management: I was responsible for designing the workflow tool to make risk management easier for users. I gathered user requirements, worked on process design, and was part of the team that wrote the core libraries for the product.

User needs

Status visibility

  • Ability to view the status of all underlying systems for various cuts of data in real-time

  • Ability to view the progress made by individual risk managers

  • Ability to summarize this status and send point in time snapshots to stakeholders


  • Standardization of best practices into a standard procedure across businesses and regions

  • Standardization of review processes to ensure each number used to manage the firm goes through the same level of scrutiny

  • Standardization of reports generated by various businesses and onboarding these to reporting frameworks

Process streamlining

  • Implementation of dependency graphs to reduce operational errors

  • Automation of processes such as data gathering and diagnostic testing to reduce the effort required to do that

Documentation and governance processes

  • Increase the auditability of the work done by the firm

  • Document work and commentary systematically to enable historic analysis.


This system was to mark the shift from traditional spreadsheet-based risk management into a system-based approach. The two primary goals set forth were to reduce the time taken to produce usable risk metrics and increase the process's visibility across teams and geographies. We built the following components to bundle into our product to achieve these goals.

Status visibility

Risk Dashboard: provided real time status of all upstream systems by polling them at regular time intervals, in addition to querying them on demand.


  • Integration with Symphony: Adopting a more conversational approach to teamwork over emails. 

  • Risk Bulletin: Sat along with Risk Bardboard – One way broadcast style of communication from global coordinators to team members.

  • System generated status updates: Single click email updates upon completion of business level risk commentary


  • Standard Reporting: onboarded the process into firmwide reporting framework after standardizing risk processes across the globe

  • Best Practise: We arrived at the umberella of best practices by surveying risk managers, businesses and other stakeholders of the firm’s risk. Encapsulating this into a standard procedure led to improved quality, and easy onboarding of new colleagues and businesses.


  • Integration with JIRA: Integrating with JIRA allowed for structured documentation of processes, issues, and analysis. Using JQL this data could be queried to generate summaries of the most pressing issues, creating transparent accountability. This also had the added benefit of persisting information on the firm’s servers

Process Streamlining

  • Dependency graphs, priority queues, process automation

Commentary Capture

Risk managers added notes from their investigations in real-time. These notes were a combination of freewriting, hashtags, and numeric entries. Downstream systems picked up these notes and created risk summary packs to be circulated internally.




Teams from multiple locations across the globe were consolidated into three offices. This consolidation resulted in cost benefits and more cohesive risk processes.


Using our audit documentation, we were able to influence system fixes and a migration plan to new state of the art platforms in upstream processes.


Standardization led to extensive scaling and more comprehensive risk management practices.


The success of the product inspired other teams to adopt the philosophy and system, leading to a general paradigm shift in the division and the firm.

bottom of page