Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Board members should ask key questions for effective risk management

Reprints
Board members should ask key questions for effective risk management

A board that wants effective risk management oversight should focus on five key areas, says James W. DeLoach, managing director at Protiviti Inc. in Houston.

• Does the company's risk profile reflect its risks? “That's a question every board should be asking,” Mr. DeLoach said.

• Is the company continuously improving its risk management capabilities? “The board should be focused on making sure your lines of defense are strong,” he said. The lines of defense are the primary risk owners, the risk management and the internal audit functions.

• Is the board's risk appetite the same as top executives'? “The question for the board is, "Do we understand the CEO's appetite for risk?' And that's a strategic issue,” he said.

• Is the organization's risk culture encouraging the right behavior? The board needs to be alert for dysfunctional behavior and confident it's providing timely input on critical risks. “What you're really looking for ... is evidence the organization is undertaking appropriate risk,” he said.

• Has the organization integrated risk management with core processes? “Is risk management a stand-alone appendage for the CEO and the C-suite, or is it integrated?”

Read Next

  • Corporate boards increase focus on risk management issues

    A series of events starting with the 2008 financial crisis and continuing through recent major data breaches and defective-part recalls are prompting many companies' boards to take a more active role in overseeing risk management, a strategy that can benefit the organization and the risk manager.