Be the first to like this
Risk culture is the glue that binds all elements of risk management infrastructure together because it reflects the shared values, goals, practices and reinforcement mechanisms that embed risk into an organization’s decision-making processes and risk management into its operations. In effect, it is a look into the soul of an organization to ascertain whether risk/reward tradeoffs really matter.
Issue 57 of Board Perspectives: Risk Oversight offers a definition of risk culture, discusses what to look for when assessing the current state of risk culture and recommends what to do when transitioning to the desired risk culture. Based on research Protiviti has done with outside organizations, it provides insights relevant to any industry or organization.
Note that this article will also be available at http://www.directorship.com/author/jim-deloach/.