Chief Risk Officer at the Center (Critical Conversations eBook Series)
In the Critical Conversations eBook series, OCEG outlines conversations that various executives should have with others in their organization as they build an integrated view of governance, risk management and compliance (GRC) capabilities.
In this installment, we describe the conversations a Chief Risk Officer (CRO) must have with enterprise executives to successfully participate in the development and implementation of an integrated GRC capability that drives Principled Performance.
The CRO is a critical player in the strategic design of the integrated GRC approach that brings change across the four principal operational dimensions: people, process, technology, and culture. At the center of it all, the CRO must understand the implications of GRC at both the strategic and operational levels, and must be prepared to guide the organization to achieve the greatest value from the GRC strategy.
Many CROs are faced with the challenge of revamping an existing siloed and haphazard risk management system and turning it into an integrated process that
provides greater transparency, reliability and value. A well-defined and implemented risk management approach is essential to GRC capability. Without it, governance and strategic planning is weakened and compliance is threatened by the misallocation of resources.
Simply put, effective risk management truly is at the center of the GRC strategy. To develop and maintain a strong risk management process, the CRO must have the support of, and share information with, a number of key members of the executive team.