The Agency Insider with Linda McGlasson

Risk Management is Now in Style

Risk Management is Now in Style

A recent survey of public banking institutions shows that the number of public banking institutions with a chief risk officer nearly doubled in 2009.

To me, this news shows that the industry has turned a corner when it comes to addressing risk and security issues and are taking risk and security seriously.

All I'll add this: It's about time. I've listened for years as banking industry executives have done much "supposing" and "what iffing" when it comes to whether security issues are important to their organizations. It is a fact - a risk management program will never stop all the bad things from happening to your institution, but considering the alternative? I'll take a risk management program and a chief risk officer, please.

The survey of audit committee members by audit and advisory company Grant Thornton shows enterprise risk management and "unknowns" are among their biggest fears. Hence, the trend of banks hiring chief risk officers picks up pace.

The survey shows 71 percent of the public institutions reporting they have a chief risk officer, compared to just 40 percent of institutions reporting they had a CRO three years ago. In contrast, the survey says only 32 percent of private banks have a chief risk officer.

Not surprising is the number of audit committee members (82 percent) who believe the recent credit crisis has increased their risk as audit committee members. It' also no surprise that 35 percent report they have a risk committee that is separate from the audit committee. The survey report shows 41 percent of respondents among large banks have a separate risk committee, as opposed to 17 percent among those representing small banks.

The biggest fear audit committee members say they are facing is monitoring enterprise risk management at 31 percent. (It's a bigger fear for large banks at 32 percent, small banks at 24 percent). Second to monitoring ERM is "fear of the unknown," with 25 percent of respondents reporting this as their biggest concern.

Information security professionals: What is your biggest fear? I know what mine would be -- that there's not a chief risk officer to measure and handle the risk in my institution.



About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.