Ubiquitous, the term “risk management,” never defined, but it crops up in almost every survey about law departments. Take the Corporate Legal Times October 2004 Survey of CEOs. Mostly from companies under one billion dollars in revenue, the respondents selected from among 10 areas as the one they most wanted their general counsel to spend more time on: “risk management.” Fifty-two percent chose it, as compared to “providing the CEO with legal counsel” (26% wanted more), “learning the business” (17%), and “corporate governance” (28%).
Is not practicing law managing legal risks? It isn’t possible to disentangle giving corporate governance advice from managing risks, or counseling the CEO on the law from managing risks, or promoting compliance/ethics training (40% of the CEOs wanted more time from the GC on this) from managing risks. Worse, the bloated and shapeless term could encompass every risk the company faces. You delude yourself if you think you are saying something meaningful about a general counsel’s responsibilities when you sweep them all up into a blob term [legal] risk management.
[Gimlet eyes noted that the total of “want more” to “want less” was 290% to 87%. Easy to want more, but where will the GC find the time, and what will give? The question should have asked the CEOs to allocate 100 points between the 10 focus areas and to balance requests for more time on responsibilities with dispensations of equivalent time on other responsibilities.]