CHIEF RISK OFFICER - Enterprise Risk Management

POSITION SUMMARY

As a Champion of ERM (Enterprise Risk Management), the CRO facilitates the execution of ERM Process and infrastructure. CRO role may be either consultative (assess and recommend) or authoritarian (approve) or both, depending on the risk area. With the assistance of Staff function, the CRO supports the Board Audit Committee, the MD, the Executive Committee and Business Unit and support unit managers.

PRINCIPAL ACCOUNTABILITIES

ESTABLISH AND COMMUNICATE THE ORGANIZATION'S ERM VISION.
- Work with an empowered group of Senior Leadership Team to define the appropriate role of Risk Management in the Organization
- Assist Senior Management in Communicating the Risk Management role to the Organization

DETERMINE AND IMPLEMENT AN APPROPRIATE ERM INFRASTRUCTURE
- Assist management with Integrating Risk Management with the Strategic Management process
- Develop and communicate risk management policies and limits, as approved by the MD and the Steering Committee
- Identify Risk ownership gaps and overlaps requiring resolution to ensure appropriate ownership of the priority risks. Monitor the planned actions to fill the gaps and clarify the overlaps, working with the Steering Committee as circumstances dictate.
- Work with Executives to establish the Control Environment that (1) monitors risk across the enterprise, (2) Oversees and enforces risk management policies and limits, (3) Instills the discipline to close significant gaps in risk management capabilities and (4) ensures that Organizational Cultural issues are being managed effectively.
- Assist the MD and the Steering Committee with monitoring the Enterprise’s Critical risks
- Directs the Business Risk Management Forum with respect to (a) the collection, aggregation, summarization and assessment of data points obtained from business units and support units regarding risk management performance and exposures to potential future events, and (b) the assembly and distribution of risk management reports.

ESTABLISH, COMMUNICATE AND FACILITATE THE USE OF APPROPRIATE ERM METHODOLOGIES, TOOLS AND TECHNIQUES
- Establishes enabling frameworks, such as a common risk language, with which to facilitate the collection, analysis, synthesis and sharing of risk and risk management data, information and knowledge
- Validates measurement methodologies in place to ascertain the integrity of the underlying data and the reliability of reports.
- Facilitates sharing of best risk management practices across the enterprise.

FACILITATE ENTERPRISE-WIDE RISK ASSESSMENTS AND MONITOR THE CAPABILITIES AROUND MANAGING THE PRIORITY RISKS ACROSS THE ORGANIZATION
- Coordinates the application of risk assessment across the organization to obtain an enterprise-wide view of risk.
- Periodically facilitates enterprise-wide assessment of risk management policies, processes, competencies, reporting and systems to identify significant gaps in the capabilities around managing critical risks.
- Works with business units and support units to establish, maintain and continuously improve risk management capabilities enterprise-wide.
- As requested, consults with and assists managers of business units and support units during their assessment of risk and formulation of risk responses.
- Conducts risk management education and training from time to time.

IMPLEMENT APPROPRIATE RISK REPORTING TO THE BOARD, AUDIT COMMITTEE AND SENIOR MANAGEMENT
- Develops measurement methodologies and monitoring methods, which aggregate risk exposures and risk management performance on an enterprise-wide basis.
- Supports the reporting of risk exposures and monitoring results to the Board, MD and Steering Committee.
- Assists the MD and the Steering Committee with Capital and resource allocation decisions.

CRITICAL KNOWLEDGE & SKILLS

Senior Executives with the following skill sets;
• Able to think strategically, i.e., they possess the authority and resources to monitor the performance of risk units and risk owners on matters of significance to the enterprise as a whole.
• Understands that Organization must take risks to compete and thrive in the global market place.
• Excellent Communication and facilitation skills
• Able to Organize and motivate others, who in many cases may be in a more senior position.
• Able to work with all levels of management.
• Strong presence and can interact effectively with Senior management
• Previous experience reporting to Boards and Audit Committees.
• When articulating their assessments, they are concise and direct under fire in their communications with top management and Directors.
• Can effectively analyze significant amounts of data and information, and distill it to the key points that help senior management analyze risks in a given situation.
• Have capability to accumulate, summarize and interpret risk reports from business units, risk units, support units and assurance units.
• Previous experience in auditing, risk assessment or risk management is a plus.

Risk Category: 

Other Services of Interest

  • Global Compliances - Free Webinar on key Global Regulations

    EVENT OVERVIEW: Riskpro India is conducting a free webinar on how to be future ready with respect to Global Compliances. Alleviate risk and strengthen your control on global compliance with this...
  • Sarbanes Oxley (SOX) Compliance - Free Webinar

    EVENT OVERVIEW: Riskpro India is conducting a free webinar on SOX (Sarbanes Oxley) Compliance which will take you through the applicability and requirements of the SOX 404 and 302 Act. The...
  • Auditing EUC - Free Webinar

    EVENT OVERVIEW Uncontrolled and untested spreadsheet models pose significant business risks. These risks include: lost revenue and profits; mis-pricing and poor decision making due to prevalent but...
  • Personal Data Protection Services (PDP) - India

    Overview of the Indian PDP Bill (draft) 2018 The Indian PDP Bill (draft) 2018 is one of the most momentous steps towards safeguarding the personal data of citizens. The Bill gives citizens a say...
  • SSPA Assessment - Microsoft DPR Assessments

    The Supplier Security and Privacy Assurance (SSPA) and Data Protection Requirement (DPR) previously known as the Vendor Privacy Assurance Program is an assessment for Microsoft suppliers/vendors who...
  • Self Assessment Software Login - India Data Protection Regulation

    Riskpro India has developed a Self Assessment tool to evaluate and manage the compliance gaps against the almost here regulation on Data Protection. The Free Login access provides you the ability...
  • India: Data Protection Services

    The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. Now India has its own version of Data protection regulation that will change...
  • Fire Safety Assessments and Training

    Some of our features of Fire Safety Assessments and Training • Fire Science • The common causes of fire • Identify fire hazards • Types of fires and extinguishers • Fire...
  • Data Protection Officer (DPO) Services

    Why a DPO The General Data Protection Regulation (GDPR) makes it compulsory for certain companies to appoint a DPO. this is a mandatory position that is expected to carry out certain defined tasks....
  • Go to top