Chief risk officer

The chief risk officer (CRO) or chief risk management officer (CRMO) of a corporation is the executive accountable for enabling the efficient and effective governance of significant risks, and related opportunities, to a business and its various segments. Risks are commonly categorized as strategic, reputational, operational, financial, or compliance-related. CROs are accountable to the Executive Committee and The Board for enabling the business to balance risk and reward. In more complex organizations, they are generally responsible for coordinating the organization's Enterprise Risk Management (ERM) approach.

James Lam, a noted risk professional, is credited as the first person to coin the term. Lam is the first person to hold that position at GE Capital in 1993. The position became more common after the Basel Accord, the Sarbanes-Oxley Act, the Turnbull Report.

A main priority for the CRO is to ensure that the organization is in full compliance with applicable regulations and to analyze all risk related issues. They may also be required to work alongside other senior executives such as with a chief compliance officer. They may deal with topics regarding insurance, internal auditing, corporate investigations, fraud, and information security. The responsibilities and requirements to become a chief risk officer vary depending on the size of the organization and the industry, however most CRO's typically have a masters-degree level of education and 10 to 20 years of business-related experience, with actuarial, accounting, economics, and legal backgrounds common. There are many different pathways to become a CRO but most organizations prefer to promote their own employees to the position internally.

Risk

Risk is the potential of gaining or losing something of value. Values (such as physical health, social status, emotional well-being or financial wealth) can be gained or lost when taking risk resulting from a given action or inaction, foreseen or unforeseen. Risk can also be defined as the intentional interaction with uncertainty. Uncertainty is a potential, unpredictable, and uncontrollable outcome; risk is a consequence of action taken in spite of uncertainty.

Risk perception is the subjective judgment people make about the severity and probability of a risk, and may vary person to person. Any human endeavor carries some risk, but some are much riskier than others.

Definitions

The Oxford English Dictionary cites the earliest use of the word in English (in the spelling of risque from its Arabic original "رزق" ) which mean working to gain income gain and profit (see Wikipedia Arabic meaning ) as of 1621, and the spelling as risk from 1655. It defines risk as: