Urgent call for Boards to avoid unqualified risk managers risk

I noticed that there is a good number of advertisements especially from the Middle East, mentioned that the required qualifications for risk managers are MSc. or Bachelor degree in  accounting,  finance, management (MBA) or engineering  also they prefer those who have  CPA, CFA, CIA  degrees, moreover some of these organizations looking for those who have internal auditing experience.

 For those organizations I said please note that these qualifications are not what risk management needs. Particularly, one of the recommendations of the KPMG surveys (2011)  to improve Enterprise Risk Management (ERM) in the emerging markets was chief risk officer competences because this survey found that one third of respondents reported that chief risk officers could not improve the quality of managing risk in organizations, and their role is still quite focused on operational and process levels.

Similarity, for those who need internal auditing experience, kindly note that internal auditor may lack the required expertise in risk management and give wrong assessments because they do not have the deep understanding for risk management. This may expose the organization to weaknesses in the risk management process, which could result in unforeseen hazards appearing. 

However, from this point I would like to add that unqualified Chief Risk Officers' (CROs’) will increase organizations risks because those could not know exactly what risk management need, therefore the costs and risk exposures will be increased in these organizations.

To conclude that, a qualified risk manager is a must for a successful risk management, so it is a call for the  boards of these organizations to avoid their organizations from  unqualified CROs risk.

For help in this issue, The Directors and Chief Risk OfficersGgroup and The Governance Fund have published a helpful guidlines for CRO compitencies "Qualified Risk Director Guidlines" this report is available from:



Raida Mashal