Risks are commonly categorized as strategic, reputational, operational, financial, or compliance-related. Coso enterprise risk management integrated framework 2004 pdf are accountable to the Executive Committee and The Board for enabling the business to balance risk and reward.
The CRO is responsible for assessing and mitigating significant competitive, regulatory, and technological threats to a firm’s capital and earnings. The CRO roles and responsibilities vary depending on the size of the organization and industry. The CRO works to ensure that the firm is compliant with government regulations, such as Sarbanes-Oxley, and reviews factors that could negatively affect investments. Typically, the CRO is responsible for the firm’s risk management operations, including managing, identifying, evaluating, reporting and overseeing the firm’s risks externally and internally to the organization and works diligently with senior management such as Chief Executive officer and Chief Financial Officer. According to Watson, the majority of CROs agreed that having only exceptional analytical skill is not sufficient. The most successful CROs are able to combine these skills with highly developed commercial, strategic, leadership and communication skill to be able to drive change and make a difference in an organization. CROs typically have post graduate education with over 20 years of experience in accounting, economics, legal or actuarial backgrounds.
CROs need to balance risks with financial, investment, insurance, personnel and inventory decisions to obtain an optimum level for stakeholders. A main priority for the CRO is to ensure that the organization is in full compliance with applicable regulations and to analyze all risk related issues. The responsibilities and requirements to become a chief risk officer vary depending on the size of the organization and the industry, however most CRO’s typically have a masters-degree level of education and 10 to 20 years of business-related experience, with actuarial, accounting, economics, and legal backgrounds common. There are many different pathways to become a CRO but most organizations prefer to promote their own employees to the position internally. When comparing the function of a CRO to the rest of the officers, we find that there is a relationship with every other role.