
Inside Internal Controls

News and discussion on implementing risk management


A management risk committee


A couple of weeks ago, Jim DeLoach shared his views on effective [management] risk committees. I pretty much agree with what he had to say in NACD’s BoardTalk.

This, plus a question from a follower of this blog on the same topic, had me searching for the charter of the risk committee I established, with the strong support of the CEO, at Business Objects. Unfortunately, I couldn’t find it. But I can share some of the principles under which it operated.

The four members were all direct reports to the CEO and I served as staff and advisor. They included the executive vice presidents responsible for Product Development and Marketing (chair), plus the CFO and general counsel.

The committee was responsible for oversight of management’s processes and policies around the management of risk. This included being evangelists for the consideration of ‘what might happen’ in all major decisions of the business.

We spent most of our time working to reach a consensus on the major risks and opportunities that might affect the company’s objectives. The members each represented a very different segment of our business operations and it took their collective insights to see the big picture.

But, the full executive committee would then consider the assessments made by the risk committee, led actively by the CEO. In fact, in some respects the executive committee was the risk committee.

In any event, the committee did not last very long for the simple reason that the company was acquired by SAP.

How does your risk committee function?

Why does it exist?

What value does it deliver?

How does it integrate with discussions on strategy and performance?


Norman D. Marks, CPA, CRMA

Norman D. Marks is an Author, Evangelist and Mentor for Better Run Business, as well as an OCEG Fellow and Honorary Fellow of the Institute of Risk Management. Mr. Marks has been a practitioner and thought leader in internal audit, risk management, and governance for a long time. He has led large and small internal audit departments, been a Chief Risk Officer and Chief Compliance Officer, and managed IT Security and governance functions.
