Inside companies that produce significant risks, risk managers play a key role. They manage the connection between the risk regulation regime, which stresses public values, and the company, which pursues a broader array of organisational goals. This makes the role of risk managers ambivalent. To better understand this ambivalence and identify the means, motives and strategies that risk managers employ in response to this ambivalence, this article conducts a concise review of (classic) organisation and regulatory literature. Based on this review, we propose a typology that distinguishes four roles of risk managers: risk managers as supporting staff; risk managers as professionals; risk managers as boundary spanners; and risk managers as agents in regulatory communities. Each type subsequently describes how risk managers employ different strategies in their attempt to connect the risk regulation regime and the company, ie translating policies to practices, tailoring policies to practices, explaining and framing policies and practices, and (re)interpreting policies and practices together with regulators. The typology enables researchers and practioners to emphasise and more thoroughly analyse the variety and complexity of risk managers’ work, and can help regulators to broaden and fine-tune their strategies to improve connections with the various roles of risk managers.