Alex Sidorenko from RISK-ACADEMY talks about the place of the risk manager within the organisational structure, as well as pros and cons of different reporting lines for the risk manager.
2 thoughts on “Who should the risk manager report to?”
Are non FS risk managers independent or constructive challengers?.
If they are considered or perceived as independent by management, from a practical perspective good luck trying to get integrated and have close enough relationships with management that you can integrate risk into business processses. Typically if they are perceived as independent from a govrrnance perspective, the risk manager maybe working directly to a board risk sub committee. Is this conducive to building trust with management?. Does this facilitate open and frank discussions?. In theory who a risk manager roports to may not matter, but in practice it may have very important implications.
That’s exactly my point. Sometimes best practice is irrelevant, when risk managers need to have access to people and data. I have another article on exactly that point about sitting with internal audit
Are non FS risk managers independent or constructive challengers?.
If they are considered or perceived as independent by management, from a practical perspective good luck trying to get integrated and have close enough relationships with management that you can integrate risk into business processses. Typically if they are perceived as independent from a govrrnance perspective, the risk manager maybe working directly to a board risk sub committee. Is this conducive to building trust with management?. Does this facilitate open and frank discussions?. In theory who a risk manager roports to may not matter, but in practice it may have very important implications.
That’s exactly my point. Sometimes best practice is irrelevant, when risk managers need to have access to people and data. I have another article on exactly that point about sitting with internal audit