This job description provides an overview, job duties and specifications for the chief risk officer (CRO) role. The CRO is responsible for the governance of risks and opportunities impacting the organization.
The main purpose of this position is to ensure that the organization is in complete compliance with government regulations and guidelines. The CRO is also responsible for risk mitigation, internal audit, corporate investigations, information security matters and the development of risk analytics, and reports directly to the board of directors or the chairman. The position facilitates and monitors division-wide activity, is a trusted advisor and subject-matter expert on the requirements of Sarbanes-Oxley, monitors and reports Sarbanes-Oxley compliance and testing results, and manages a team of subject-matter experts.