While I still don’t quite understand the intense focus on defining GRC among GRC consultants, analysts, and vendors, this column by Lumigent Technologies President and CEO John Capobianco helped me understand that the motivation behind this focus extends beyond competitive positioning.
I also followed up with Capobianco to find out where he sees the Chief Risk Officer fitting into this picture. Here’s his response:
The CGO [chief governance officer] is likely to be more valuable than the CCO simply due to the relationship between compliance and governance. … The CCO’s responsibilities, then, are really the chief financial officer’s job. Once compliance and compliance reporting are under control, the company is in a position to better evaluate, understand, and mitigate risks over time. And those capabilities blend with corporate wellness or corporate governance, which is really focused on making the most out of a business, making it more valuable after taking into account all of the risks, strategies, and reporting.
One of the more daunting thoughts for the executive team is: How big can the team be and maintain its effectiveness? One of the arguments against having a CCO, a CRO, and a CGO is that they are all related and perform a task that was formally the purview of the CFO. In fact, the CFO is still responsible for all compliance reporting (he and the CEO still sign all of the forms). Compliance reporting is driven by risk identification and mitigation, so the CRO (Risk) and the CCO still seem to fit within the CFO. That is, until you expand the scope of risk identification beyond what is needed for compliance reporting.
This is where I believe a Chief Governance Officer can add value to the executive team and to the board of directors. By focusing on overall risk, not just that related to compliance reporting, and its impact on the future of the business, the CGO can be in a position to add value to the team and complement the decision processes that happen in the C-suite every day.
The CGO can have the responsibility, and the authority, to challenge the heads of each area, the CFO, the CMO (Marketing), the CRO (Revenue) Big Fat Finance, the CIO (Information) and the COO (Operations), to help the CEO and the board make critical business decisions about the future of the business and investments that need to be made (or unmade, as the case may be). You have to keep the team as small as possible and have both responsibility and authority clearly defined and broad enough to make a difference. ###
Here’s a snippet, one of several passages that contain valuable food for (GRC) thought:
http://coachfactorystore-bag.weebly.com
0 comments:
Post a Comment