Roles of a risk manager/risk department/risk management function
1. Providing overall leadership, vision and direction, including establishing risk management (RM) policies, RM systems, etc., and seeking opportunities to improve or tighten those systems.
2. Developing and promoting RM competences, systems, culture, procedures, protocols and patterns of behaviour. It is important to understand that risk management is as much about instituting and embedding risk systems as it is about issuing written procedure. The systems must be capable of accurate risk assessment.
3. Reporting on the above to management and the risk committee as appropriate. Reporting information should be in a form that can be used to generate external reporting as necessary.
4. Ensuring compliance with relevant codes, regulations, statutes, etc. This may be at national level (e.g. Sarbanes-Oxley) or it may be industry specific. Banks, oil, mining and some parts of the tourism industry, for example, all have internal risk rules that risk managers are required to comply with.
5. Establishing a common risk management language, including common measures of likelihood and impact and common risk categories.
6. Implementing a set of risk indicators and reports, including losses and incidents, key risk exposures and early warning indicators.
7. Acting as the primary champion of risk management at strategic and operational levels.
8. Developing risk responses, including contingency and business continuity programs.