SIDEBAR: CIO, It's You
Why IT must champion enterprise risk management
Among enterprise risk management experts, there's widespread agreement that the CIO is the most appropriate senior-level executive to lead her company's transformation to a risk-managed organization - whether or not she wants to. "CIOs are going to be dragged into the leadership position on ERM," warns Robert Charette, a risk management expert with the IT consultancy Cutter Consortium.
CIOs will be in the ERM hot seat for several reasons. First and foremost: IT is now critical to most business operations. When systems are down because of a virus or power outage, so is your business. Second: Because IT supports every department, the CIO is the senior executive with the broadest knowledge of his company's business processes. Because of these trends, some ERM experts predict that corporations will begin to appoint board members who have a deep understanding of IT and its risks. These board members will want to talk to you.
For all of these reasons, even if a company hires a chief risk officer - an ERM specialist - to handle the corporate-wide effort, the CIO will still have a prominent leadership role. Charette notes that as technology products become commodified, companies will differentiate themselves according to how effectively they use IT - including how well they manage its risks.
Besides, says Bill Sharon, who recently left his job as CIO at McCann WorldGroup to start his own risk management consultancy, Strategic Operational Risk Management Solutions, the chief risk officer's job is to find problems; it's the CIO's job to solve them.