To know or not to know
This seems a very strong argument: how can you be opposed to people who really know what's going on, and hate being informed by 'just an abstract dashboard'. So, why does it make sense to have proper risk management implemented?
>First of all: you don't know what you don't know. As the famous saying goes: "Only Santa Claus can be at two places at the same time". It is simply not possible to know everything, and when there is a process in place to make sure people report risks; there is the chance you know more.
Secondly, not everybody is in a position to be everywhere. It is normally the top of the organization that is able to do this (and should be doing this). But risk management is not just information flowing bottom to top. Many others in the organization simply don't have the bandwidth, and don't have the authority. Still, they would greatly benefit from the insights, the challenges, the benchmarks, the risks and the mitigating actions. Only a formalized risk management process can resolve this.
Thirdly, the tone at the top is vital here. Communicating risks needs to be formalized. Once a risk is communicated, it is deemed important. The risk management culture follows on from this and develops over time. This doesn't mean Kafka 2.0 should be implemented; risk management is a process, helped by technology, and driven by people.
So, I believe the dashboard will never replace the actual communication being there, the talking, and the asking of difficult questions. Risk management however, when properly implemented, helps to ask those questions, and helps to make things actionable, and ensures they are monitored.