We are all familiar with the famous tagline that accompanied the Mission Impossible assignments: “Your mission, should you choose to accept it…” This phrase was then followed by a seemingly unachievable goal that included incredible peril and a good chance of a dreadful demise. However, the team always pulled the assignment off using skill, creativity, and a good deal of luck.
In today's rapidly changing and complex business environment, the job description of a Chief Risk Officer should probably start with the same line. Companies face a wide range of risks that could have significant impacts on their operations, financial performance, and reputation. Many companies have established the role of Chief Risk Officer (CRO) to shoulder the responsibility. In fact, Deloitte’s Global Risk Management Survey (12th edition) cited that 100% of its respondents had a CRO equivalent position. This survey targeted Financial Service companies underscoring the role of CRO has been a stalwart within that industry for years but the role of CRO has emerged across many sectors.
The CRO is a senior executive responsible for helping the business manage all types of risks that the company faces, from operational and financial risks to strategic and reputational risks. The primary reason most organizations have a CRO is to improve risk management practices ensuring the company has a comprehensive risk management framework in place. This includes the fundamentals of risk management - identifying and assessing all types of risks, developing risk mitigation plans, and monitoring risk exposure over time. The CRO should work closely with other senior leaders in the company to understand the business strategy and implement risk mitigation plans for possible obstacles.
Ultimately, then, the CRO is primarily put in place to help the business make better business decisions. Companies that have a CRO in place can make better business decisions because the CRO provides senior management with timely and accurate information on the risks associated with various business activities. It takes a certain dedication to look at business objectives, such as entering new markets or launching new products, and analyze the possible obstacles.
This is the mission of the CRO should they choose to accept it: Inspect corporate objectives and subject them to a level of scrutiny that identifies potential issues. Unfortunately, the results may sometimes be counter to the aspirations of the business, but that circumspection is incredibly valuable to success. With some skill, creativity and some luck for good measure, this mission impossible makes your business possible – or in risk terms, more probable.
To learn more about the role of the CRO and integrated risk management, read our white paper “Integrated Risk Management: The Enterprise Capability Your Organization Needs”.