Strengthening the Chief Risk Officer & Chief Audit Executive Partnership

By: John A. Wheeler

Many companies are creating the new role of Chief Risk Officer (CRO) as they seek to evolve their Enterprise Risk Management (ERM) program. These companies recognize the need for a risk champion to sustain an ERM program and provide the necessary executive support to act upon risks that continually surface.

To be effective at sustaining the ERM program, CROs can look to Internal Audit and the Chief Audit Executive (CAE) for help. The CRO and CAE share many similar objectives and when the two executives work in tandem, they can add great value to the company and its various stakeholders. At the same time, each of these executives has unique responsibilities that require independence. Below is a summary of the CRO and CAE roles.

Beyond their individual roles, it is critical that the CRO and CAE adopt a common risk management framework and methodology. I’ve seen many clients attempt to utilize various forms of risk assessment and spend more time trying to reconcile the differences rather than spending the time working together to mitigate the risks themselves. Once a common framework and methodology is in place, then a common infrastructure and technology platform, like OpenPages, can streamline the program to add even greater value to the enterprise. Working together, the CRO and CAE can then focus on specific strategies to ensure the ongoing success for an ERM program. I’ll discuss these strategies in my next blog entry, so stay tuned!

This entry was posted on Wednesday, February 3rd, 2010 at 5:22 pm and is filed under Enterprise Risk Management (ERM), Internal Audit Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.