ABSTRACT
This chapter considers the main players that be able to influence risk control in an organization. The board or a similar leadership committee: Typically this will include some members who are executives and others who are part-time non-executives there to provide the benefit of their wisdom and some independent challenge. Risk control managers: Most organizations have one or more groups of specialists to deal with various compliance and risk management tasks such as security, money laundering, Sarbanes-Oxley compliance and business continuity. All these people are risk control managers. Although they are responsible for making things happen they usually find they have to do so by supporting line managers. Internal audit managers including the head of internal audit: Internal audit stands apart from risk control managers generally because internal auditors should not, in theory, do anything other than conduct reviews and make reports saying what they found.
