Conflict Management Training – From the perspective of an ex – retail employee.

Christmas is coming, for many of us this an exciting time that we will be spending with our friends and family, away from the workplace. However, we tend to forget that while we are enjoying our time away from work, for many, it is the most dreaded time of year. In this case, I am talking about those who work in retail.

Having worked for one of the “big four” supermarkets for a few years, progressing through the ranks, I’ve experienced first-hand the kind of conflicts that your average retail employee can face on a day to day basis. If I had a pound for every Christmas I supposedly “ruined” and an extra pound for every disgruntled customer I had screaming aggressively in my face because an item they needed was not available just before Christmas day, I would never have to work again.

Now, I can admit that overall, I was fairly good with dealing with these kinds of conflicts, mainly due to the fact that I had worked my way up to a higher position and had the advantage of watching experienced managers deal with conflict situations. However, I had never received any formal training in this area, and unfortunately, disgruntled and angry customers do not have a radar which allows them to focus their anguish at the most senior colleague in the building. Everybody is effectively a target in these situations, it doesn’t matter if you’ve worked there 30 days or 30 years, in the retail environment, anybody could be thrust into a situation where he or she are dealing with conflict of some kind.

Too many times had I seen fellow colleagues in tears because they did not know how to deal with a situation like this, which often as a result merely made the situation worse. This was no fault of the employee, if they have not been trained in how to deal with conflict situations, then they can’t be expected to resolve it, as far as I’m concerned.

During my time in retail, events like this occurred on, more or less, a daily basis, and it was often just passed off as “the norm.”

However, once I was away from retail and focusing on getting my training qualifications, I was sent on a Conflict Management course by my current employer, this opened my eyes to the training that I could have (and I feel that I should have) received when I was working in retail.

This 2 day course was straightforward, and the knowledge and techniques that it bestowed upon me were, in theory, extremely simple. Over this period, I found myself constantly saying the same things: “I wish that I had learned this when I was in retail…”, “That would have been handy to know when I was working in retail…” etc, you get the idea.

Now, as far as I’m aware, members of management in retailers do get some form of conflict management training. However, management in retail is not the front line, and their skills usually only come into practice because of some form of escalation. This is due to the majority of those on the front line, the shop floor workers, have little to zero training in conflict management. When you consider that they are the ones who will be bearing the brunt of the initial conflicts, this just seems wrong. Just imagine how much time and aggravation could be saved if the initial spark of conflict could be extinguished by those on the front line!

There are undoubtedly a number of reasons that retailers won’t give all their employees sufficient conflict management training, with cost and time being the main two. But, speaking as an ex-retail employee who did conflict management after his time in the sector, I really, really wish that I had this training, and I’m sure a lot of my colleagues would have as well.

These are not just skills that one can apply to their retail career, these are skills that you can apply to almost any walk of life. The knowledge someone can take with them is invaluable.

Within the workplace, colleagues could feel safer and confident that they would know what to do when conflict inevitably arises.

I feel that many of us underestimate just how far conflict can go with customers, although it is rare, there has been instances where I have seen (and been told stories of) violence being used towards employees. Violence, that could have been avoided had the right training been delivered.

Consider Conflict Management, for a safer, more secure working environment.

By Jake Wade.

The Importance of Managing Risk

Cyber crime is making all the headlines at the moment and it was recently reported[i] that cyber crime and fraud are now the UK’s most common offences. Any company that operates online is exposed to the risk of cyber crime and the bigger and more dependent the organization is on the internet, the greater the damage that may be done. Note the use of the word ‘may’ because that is what a risk is: something that might happen. If and when it does happen it is no longer a risk but an issue…… that needs resolving.

So we can see that risk is the possibility of something (normally bad) happening with consequences that will damage the business. Damage or impact could be financial, reputational or on the people connected with the business. This concept of risk being two dimensional is important to recognise because people will sometimes focus too much on the impact forgetting or ignoring the probability. The fear of flying, for example, is irrational because the likelihood of an incident happening when you are flying is extremely small but the impact/consequences may, of course, be catastrophic.

Human beings have always managed risk: our ancestors use to live in caves to protect themselves from animal attacks; the Romans maintained a well-trained army in case of insurgency: the plimsoll line was created to help prevent ships from sinking when cargo was being loaded. Nothing has changed to this day save for the fact that most organisations nowadays have to actively demonstrate that they are managing risk. In other words, there has been a move has been from implicit/informal to explicit/formal risk management. This move from implicit/informal to explicit/formal risk management has manifested itself in businesses setting up risk registers, appointing Chief Risk Officers and supporting staff and even developing methods to quantify risk exposures as a basis for providing reserves should such risks manifest themselves.

So where do you start if you want to be more explicit with your risk management? The first thing to do is to understand the process of risk management which typically has four phases:

Identification – a subjective exercise in identifying all the risks that might affect the business. These are often grouped into areas such as financial, operations, IT, legal and so on. The aim is to develop a list of risks without ignoring any that are identified.

  1. Assessment – a subjective evaluation of the likelihood of a the risk occurring and the impact that it would have if it were to manifest itself. There are various scales that can be sued for this process and the starting point is to consider these risks as if there were no controls in place (see next step) to mitigate the risk.
  2. Selection – selecting a suitable way in which the likelihood or impact may be reduced. Mitigation techniques are often referred to as the four Ts:
    1. Treat – techniques which implement or improve controls to prevent the risk from occurring;
    2. Transfer – techniques which move the risk out of the business (insurance is the best example of transferring a risk);
    3. Tolerate – accept the risk and choose to do take no further action, may be because the probability is too remote;
    4. Terminate – avoid the risk completely by, for example, deciding not to move into a new business line.
  3. Implementation – the final stage in the process involves re-assessing the likelihood/impact with the mitigation actions in place, implementing the agreed actions and then providing a follow-up/monitoring plan to ensure the risk remains ‘under control’

Risk identification is, by definition, an ongoing process as new risks emerge (such as cyber crime) but that doesn’t mean that the process needs to be done on a daily basis. In fact, once the process has been documented in a suitable risk register[ii] then it is just a question of reviewing the results every 3/6 months to make sure that nothing has changed. Of course, if there is an unexpected external event (such as a terror attack) which may affect your business then a review can take place immediately. In fact, scanning the external environment for new and emerging risks is part and parcel of the risk identification process.

An assessment of the risks facing a business should be broadly based and look at both internal and external risks. Typically the former are easier to control whilst the latter are harder. First aid is one area that should be included in your risk assessment as, not only is it a statutory requirement, it is also good business practice to prepare your business for the types of eventualities where well trained employees are able to react to an emergency in the workplace. More information on first aid risk assessments can be found on the Health and Safety Executive website[iii].

At this point, it is worth pointing out that the negative connotations of risk management thus far described need to be balanced against an organisations requirement to take risks. Any new business is taking risks when it first sets out. Any new venture for an existing business is risk-taking. The very simple message that comes from this is that an organization has to manage risks to protect the business and take risks to grow the business. As always in business, there is a balance to be struck between the two and achieving that balance is down to the directors.

The litany of failures caused by poor management of risks is endless. The consequences of poor risk management can lead to huge financial losses (witness the global financial crisis) or even loss of life (witness the Mid Staff NHS enquiry). Many of these failures hit the Press with headlines that “this should never be allowed to happen again”…….but sadly they do. Such catastrophic events may be confined to larger organisations but smaller businesses are not immune and can protect themselves without creating too much bureaucracy and recognising that good risk management is a necessary part of doing business in today’s complex working environment.

Keith Blacker is director of RPI. He holds a doctorate in Operational Risk Management and co-authored the People Risk Management published by Kogan page in 2015.


[ii] If you would like a copy of a simple risk register template with instructions on how to use it please contact


ISO 9001 and ISO 14001 Certification – Our journey.

We have recently just completed the long process of gaining ISO 9001:2015 and ISO 14001:2015 certification for our company. Today’s blog will be briefly looking at what the process involved, and what this means for us.

What is ISO 9001 and ISO 14001?

Essentially, they are the international standards that specify the requirements for a Quality Management System (QMS) and an Environmental Management System (EMS), respectively. These standards demonstrate an organisations ability to meet customer and regulatory requirements when providing products, services, courses, etc. (9001) Whilst maintaining a consideration for the environment and demonstrating that any activities undertaken by the certified organisation are always done with the intention of minimizing any potential harmful impact. (14001)

Both standards can be acquired by any organisation, regardless of size and/or industry.

Why did we decide to get certified?

The main reason that we decided to get ISO certification was due to the fact that our company often partakes in tender bids. Some of these tenders specified that successful organisations must have ISO 9001 and/or ISO 14001 certification. Although not every tender required this, and we could have quite easily gotten by had we not been certified, we decided to research the benefits of having this certification and decided that it wouldn’t just be beneficial in terms of tender bids, but it would in fact be beneficial to the company as a whole.

The process

The process was admittedly extremely long, and often tedious. You will sometimes find that bigger organisations hire consultants to design and maintain their QMS and EMS. There were two main reasons why we decided against this:

  1. The process itself isn’t cheap, hiring consultants to do the work for us would have proven to be considerably more expensive. For a new company like ourselves, this wasn’t feasible and we couldn’t justify spending money like that. However, more importantly…
  2. We felt that hiring a consultant defeated the object of a QMS and EMS, as this would mean that we wouldn’t be completely engaged in the process. We wanted all of our staff and contractors to not only know what our processes were, but also, why we were doing them. Using a consultant to both design and maintain the system would mean that, in theory, a lot of our staff wouldn’t need to be involved in the process at all.

Of course, we didn’t want this to be the case. We wanted everyone at RPI to be fully committed and involved in the design, implementation and maintenance of our ISO systems.

So then came the task of designing all of our processes, and to achieve this, we needed to effectively tear our company down (metaphorically of course!) to its bare bones and build it up again. We looked at each individual product and service that we as a company offer first, which we then narrowed down in to the following categories:

Courses, Consultancy, Venue Hire and Procurement. 

We then had to design a number of forms and flowcharts around each service, the end goal being that each service has a simple, universal template that anybody in the company can follow, to ensure consistency across the board and justify our QMS.

It sounds simple, and it is! I could go in to detail with what the forms and flowcharts consisted of, but that would be extremely boring. We noticed as we were creating these documents, if you know your company, then it is rather easy, it’s just time consuming.

As well as the forms needed for processes, everything surrounding the company needed an individual log that needs to be constantly updated: Purchase Log, Supplier Log, Enquiry Log, Invoice Register… These are just a few of the logs needed to achieve ISO certification. Keeping these updated was a challenge, but luckily as we became more and more involved with our QMS, the updating of logs became the norm, now that we have a solid system in place, our company runs smoother as a result.

Everything we had done then needed to be accumulated and become part of the QMS/EMS Manual, which essentially would serve as our master document and our “go to” guide.

The certification visit

Once we were confident that we were ready to go, we booked in a two stage visit. These worked like audits, where an external assessor would come and review our entire QMS/EMS.

On our Stage 1 visit, we came to realise that our QMS/EMS Manual didn’t adhere to the current standards, as the new 2015 ISO requires the Manual to be contextualized in relation to our company. We made the mistake of creating a fairly basic and general manual for both the 9001 and 14001. We were also advised that we did not need two seperate manuals for the two seperate standards, we would be allowed to combine the two! This would make things a lot easier in the long term for us, but in the short term it meant that the Manual was going to have to undergo extensive revisions, to the point that we were basically rewriting it.

Overall, the Stage 1 visit went well. Our forms and policies only needed some minor revisions, (which was to be expected) the main change was going to be our manual. We had a week to get everything in order before the Stage 2 visit.

After many long days and late nights, we completed the new manual and we felt that we had done everything we could have possibly done to achieve certification…

And we did! The Stage 2 visit was a great success, our new manual was up to scratch. The only real points we were brought up on was the odd bit of wording on certain policies and forms that needed tweaking, this wasn’t enough to warrant a “failed visit” however, so we were recommended for certification and those improvement advisories were amended the same day. As of this writing, we are just waiting for our certificate to come through.


The entire process was a very interesting journey, it was tough at times, it was long, but we are all in agreement that we are so glad that we did it.

We feel that our company runs smoother and better as a result of the system we put in place for this certification, in fact, we can’t imagine a life before it!

Obviously, this blog hasn’t gone in to the specifics in much detail, mainly because if it did, you’d have to be reading for hours! However, if you are considering getting ISO 9001:2015 or ISO 14001:2015 (Or both!) and would like some more information, feel free to get in touch, we’d be happy to help!

Until next time.

The RPI Team.