Sign In

Attributes of a Chief Risk Officer (CRO)

Print this Guidebook


1. Qualifications

  • University degree in commerce and / or accounting, auditing and risk management (Ideally also MBA, CIA, CA).
  • Note that, a CRO could be someone who possesses expertise in the industry in which the Institution operates, and must possess comprehensive knowledge of traditional risk management principles and practices.

 2. Experience

  • Risk management experience (minimum of three years) including the ability to identify new risks facing the institution with significant management responsibilities;
  • Experience in the rollout of a risk management methodology; and
  • Experience in strategic and business planning and experience in tools and techniques for the evaluation and presentation and maintenance of strategic and operational risks workshops and interviews. 

3. Capabilities

  • The ability to think strategically in order to monitor and support Line Management on matters of significance to the Institution as a whole;
  • Excellent verbal, written and facilitation skills along with well developed presentation skills;
  • The ability to organise and motivate others, some of whom may be in more senior positions.  This includes the ability to chair and run meetings;
  • The ability to effectively interpret and aggregate significant amounts of data and information and distil it to key points in order to assist Senior Management to fully appreciate their risks;
  • The ability to build effective relationships with other risk management performing functions, such as the functions concerned with disaster management, business continuity, health and safety, insurance, compliance, fraud prevention and the like;
  • The energy and drive to generate value for the Institution through the risk management function;
  • Good computer skills and ability to use risk management software; and
  • Strong managerial skills to effectively run a risk management unit.

4. Knowledge

  • Good understanding / knowledge of governance practices, internal control systems and ability to monitor risk management activities / programmes (and implementation thereof);
  • Knowledge of corporate governance requirements;
  • Internal audit and assurance practices;
  • Enterprise risk management concepts, frameworks and methods; and
  • Awareness of risk finance and risk control concepts.

5. Behaviours

  • Energetic and self driven;
  • Results / Output / deadline driven;
  • Leadership;
  • Team orientated;
  • Change orientated;
  • Decision maker;
  • Assertive, self confident;
  • Presentable, professional and confident;
  • Good interpersonal skills;  and
  • Good communicator.


Print this Guidebook

© Maintained by the National Treasury. All Rights Reserved.