As the business world continues to grow in complexity, expectations that business leaders including the C-Suite and board of directors have the competencies to manage the unfolding risks triggered by that complexity also continue to increase. In response, organizations are seeking to enhance their risk governance capabilities and the marketplace for talent is now finding that risk management is an expected core competency for those seeking senior leadership positions.  

In this video interview, Chuck Saia, Senior Partner at Deloitte and former CEO of Deloitte’s Risk and Financial Advisory business and former Chief Risk, Reputation, and Regulatory Affairs Officer at Deloitte shares insights about risk management leadership and governance in a discussion with Mark Beasley, Professor and Director of the ERM Initiative.

Establishing Risk Governance Lines of Reporting

As organizations seek to strengthen their risk management efforts, Chuck suggests that they evaluate the overall structure and governance of the entity’s risk management leadership by considering questions such as

  • Who owns risk management within our organization?
  • What are the lines of reporting for our risk management leader?
  • Is our risk management leader seen as a business leader by others in our organization?
  • How much “air time” is given to the risk management leader by our CEO and board?
  • What is the governance structure surrounding the risk management efforts in our organization?

Answers to these questions can help reveal opportunities to strengthen the contributions of the risk management focus of the organization. For risk management to be value-adding from a strategic and governance perspective, those who lead the risk management oversight need to have an enterprise-wide view and access to those at the senior leadership level, including access to the board, and they need to have a strong understanding of the business and what drives value for the organization to succeed. That allows risk insights to be integrated with strategic decision-making on an ongoing basis.

Characteristics of an Effective Chief Risk Officer (CRO)?

Chuck shares his thought about two important traits for individuals serving in senior risk management leadership roles, such as a CRO:

  1. Need a thick skin. At times, a CRO has to elevate issues and reveal information that isn’t always easy or pleasant to disclose. At other times, other business leaders respond to concerns raised by a CRO with comments such as “that won’t happen to us”.  Push back and resistance are common for individuals in CRO roles. The CRO may come under attack by others.  Having a thick skin and being resilient are important attributes to consider.
  1. Be a really good influencer and team player.  CROs are part of two teams: they lead the team that helps manage the risk function for the organization and they are part of the C-Suite team.  An effective CRO recognizes the importance of building rapport with both teams.

Developing Risk Management Competencies

Chuck also notes that younger professionals seeking to increase their leadership opportunities can benefit from developing a core competency in risk management – one that demonstrates they understand risks.  Early in their careers, young professionals will likely be in a risk management role that addresses a particular risk area - for example – cyber risk.  They can enhance the value of their contribution by demonstrating that they can connect the dots between what risks they are managing to other risks of the organization, such as brand and reputation risk.  Developing skills that help them see the broader enterprise-wide risk view makes them a much better professional.

Leadership Book for Young Leaders

Chuck has just released a book, You Got This Kid!  Words of Advice for Young Leaders, that challenges young leaders to find the secret sauce that will help them carve out their unique path through the corporate jungle. Drawing on his 30 years of experience, Chuck makes seven unforgettable analogies between the business world and the animal kingdom, from developing an armadillo’s thick skin to spotting scorpion-like managers to building a team of dolphins.

You can find his book on All proceeds will be donated to help benefit Lupus research and environmental sustainability efforts.

Subscribe to ERM Insights

The latest research, insights and opportunities from the NC State ERM Initiative to help
you and your organization lead with confidence.

Related Resources

ERM Enterprise Risk Management Initiative 2021-02-15