
Board Risk Oversight Questionnaire

By NACD Staff

02/22/2019


In brief: Originally appearing in Director Essentials: Strengthening Risk Oversight, this questionnaire includes key questions about eight risk oversight practices to stimulate board discussion and enhance the board’s understanding of the organization’s risk management activities.

This resource can help your board

  • Clarify the roles of the board, management, and committees

  • Understand the company’s risk profile

  • Define the company’s risk appetite

  • Integrate strategy, risk, and performance discussions

  • Assess risk culture

Most relevant audiences: audit committee members, risk committee members, and chief risk officers  

The following questions align with the common risk oversight practices identified in Director Essentials: Strengthening Risk Oversight.

These questions help drive dialogue with management and obtain a robust understanding of the effectiveness of risk management activities throughout the organization. This list incorporates questions from the Report of the NACD Blue Ribbon Commission on Risk Governance.

Clarify the Roles of the Board, Committees, and Management

  • Is there a common understanding among management, the board, and board committees about their respective roles, responsibilities, and accountabilities on strategy? For example, are the board and the appropriate committees meeting regularly with a CRO? If there is a CRO, has the board ensured that the CRO and general counsel have adequate resources and appropriate reporting lines to bring any changes in material risks to the board’s attention?

  • Are risk oversight activities clearly differentiated between the board and its committees, and among the various committees?

  • Does the board have the appropriate committee structure for its significant oversight obligations in the risk area?

  • How specifically are our board committees engaged in risk oversight? For example, how is our audit and/or risk committee discussing risk controls, risk assessment policies, and risk management policies? (Section 303A, NYSE Listing Manual.) How does the compensation committee evaluate potential risks in executive pay plans and in the company’s pay philosophy overall?

  • How does the nominating and governance committee factor risk and strategy considerations into board succession planning and director recruitment needs?

  • What is the threshold for risk-related reporting to the board (e.g., categories of risk, specific issues or incidents)? What situations may call for greater board engagement (e.g., perceived management failure to disclose or address a critical risk)? Do we have a protocol that defines these situations?

The focus on the board’s compensation committee has never been sharper. The components of compensation plans and the link between compensation and company performance are under intense scrutiny from shareholders, employees, policymakers, the media, and other stakeholders. The Report of the NACD Blue Ribbon Commission on the Compensation Committee revisits NACD’s 2003 Report of the NACD Blue Ribbon Commission on Executive Compensation to highlight the new environment in which compensation committees—and, more broadly, boards—are now operating. It recommends that the compensation committee and board work together to establish an executive compensation philosophy that supports the company in creating long-term, sustainable value.

The report includes ten specific recommendations for compensation committees to consider when evaluating their compensation philosophies. It also provides practical tools, such as sample compensation committee charters, a compensation committee assessment, and guidance on executive employment contracts.