Set a collaborative tone

Why a collaborative tone is a first step

Our Study found that it’s not uncommon for multiple executives and board committees to bear accountability for aspects of the same risks—especially when those risks, such as cybersecurity or privacy, span the global organization.  At the same time, regulators and other stakeholders are increasingly insisting that an organization have a cohesive point of view and undertake clear accountability for such responsibilities as protecting consumer privacy and demonstrating operational resilience.

Adding to the disconnects, senior executives receive—with regard to the same risks—different insight from different risk functions, and the risk insight they receive may not be well-aligned with the organization’s business strategies or its risk appetite.


“We all need the same risk heat map and risk teams need to make that map come alive with specifics about what could go wrong and the coverage they are providing.”

Kate Walsh, board member, Wellcare Health Plans

Do the board and senior executives expect risk functions to align on top risks, risk prioritization and relative responsibilities?

Consider these steps to make sure a collaborative tone and appropriate governance of risk management are in place.

If perspectives on risk vary from one executive to the next, it’s time to hone risk-management program governance to ensure everyone’s clear understanding of, and accountability for, risk.  This starts with setting a collaborative tone and boards and executives play major roles in pushing for collaboration between risk functions.

Expect and provide a consolidated view of risk.

Boards and senior executives should insist on a consolidated view of their organization’s risk profile. To meet that requirement, an organization has to enforce the use of a shared data model as well as common risk assessment, issue management, and key-risk-indicator frameworks in order to aggregate and report in a comprehensive and coordinated manner.

Agree on collective risk priorities.

The board, senior executives and risk executives must see eye to eye on risk priorities across the entire organization and risk landscape. Consolidated reporting facilitates that process because a holistic view of risk enables company leaders to have robust discussions and make informed decisions on where the company should focus its efforts. Such steps are the linchpins to making quick decisions that can then be formally communicated to cross-functional company leaders who own—and contribute to managing—the risks.

Clearly define and communicate risk appetite.

An organization should ensure that an enterprisewide risk appetite is well-defined, understood across the leadership team, and relied on throughout the organization to make collaborative, intentional, and unified trade-off decisions. Once the organization’s risk appetite is determined, risk functions should help monitor risk to that appetite and communicate whatever actions have to be taken when triggering events occur that could increase risk beyond the organization’s risk appetite level.

Three actions to consider to move risk functions along the collaboration journey

Contact us

Brian Schwartz

Brian Schwartz

Partner, Risk and Regulatory, PwC US

Mike Maali

Mike Maali

Partner, Risk and Regulatory, PwC US

Tom Snyder

Tom Snyder

Risk and Regulatory Operations Leader, PwC US

John Sabatini

John Sabatini

Risk and Regulatory Leader, PwC US

Follow us

Required fields are marked with an asterisk(*)

How can we help? (check all that apply)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.