Navigating Complex Risks With Cross-Functional Teams

Increasingly, businesses have to focus on identifying and managing complex risks across their organizations, with their legal teams overseeing risk management. In addition to legal, they may oversee compliance, privacy, ethics, risk, government affairs, ESG, and/or cybersecurity response, as highlighted by ACC Docket, the in-house voice of the Association of Corporate Counsel. 

These are some of the complexities associated with navigating risks across departments:

• Environmental, social, and governance (ESG): Social initiatives often fall under human resources, governance usually aligns with legal, and environmental issues are spread across the organization.
• Cybersecurity: Cybersecurity governance is no longer just the purview of IT or security.  It encompasses engineering and development, legal and privacy, and compliance, all of which need to work together during a security incident.
• Privacy: In addition to legal, privacy compliance falls under sales, marketing, customer service, IT, and finance departments.

The solution is to bring cross-functional teams together and manage them effectively:

• Use mature risk programs for a solid foundation, including such programs as a risk register, Roles and Responsibility “RACI” charts, a committee oversight structure, or a compliance framework.
• Ensure alignment across teams by adopting common frameworks like the National Institute of Standards and Technology’s cybersecurity, privacy, and risk management and the International Organization for Standardization security and privacy protection (ISO 27000) and sustainability program (ISO 26000) frameworks.
• Establish clear lines of responsibility for specific teams or individuals to streamline risk management. 
• Appoint a dedicated project manager to oversee cross-functional risk management initiatives and ensure that the various teams are working together. 
• With the prevalence of remote and hybrid work, use technology tools that provide risk and control oversight when sharing information across the enterprise. 

Implementing these solutions will enable you to work across departments and teams to effectively navigate complex risks. A proactive and collaborative approach to risk management will be indispensable in achieving resilience and success for your organization.