Marketers do not grow Daydreams about risk management and compliance. Personally, I never gave governance, risk or compliance (GRC) a second thought, to ensure that my team completed the required compliance or phishing training in a timely manner.
So, when I was assigned to head General data protection regulation (GDPR) A previous employer compliance initiative, I was far from my comfort zone.
I thought that some trivial requirements on how to send and send email to contacts based in Europe had quickly changed completely to how an organization collects, processes, and protects personally identifiable information (PII).
It is the job of a risk leader to facilitate dialogue around risk and help guide business unit leaders to find their own risk appetite.
As it turned out, I had completely underestimated the scope and importance of the project. My first mistake? Assuming compliance was “someone else’s issue.”
Risk management is a team sport
A single risk leader cannot single-handedly assess, manage, and resolve an organization’s risk cap. Without the active participation of business unit leaders across the company in marketing, human resources, sales and more, a company can never be Healthy risk-conscious culture.
Leaders who succeed in developing that culture cultivate a company-wide team mentality with well-defined objectives, clear scope, and agreed upon allocation of responsibility. Ultimately, you need to buy the same way a football coach needs players to buy into the team culture and play for peak performance. Although the company’s risk manager could be the quarterback for GRC, the team would not win without major plays by lineman (sales), backing (marketing) and receivers (buying).
It is the job of a risk leader to facilitate dialogue around risk and help guide business unit leaders to find their own risk appetite. It is not their job for us to define acceptable levels of risk, which is why CMOs, HR and sales leaders have no choice but to play an active role in defining risk for their departments.
Changing your perspective on risk management
If I am being honest, I used to think of risk management only in terms of asset protection and cost reduction. My crash course in risk responsibility opened my eyes to the many ways GRC can actually speed up deals and, moreover, drive revenue.