Someone on LinkedIn asked why I have the title of "Director of Business Risk & Opportunity", so I wrote it all down.
"I'm responsible for two functions that are closely related.
My "bread and butter" role that absolutely must get done is operational and information risk management; I have established the internal control framework, policy management, business continuity, operational risk tracking, and production control functions. I've worked with the different functional managers to build the SDLC, get our security, availability, confidentiality, and processing integrity controls up to standard, to write the 60+ process manuals that we have in place, and I've implemented governance functions at different levels of the firm, and built a few tools (workflow/ticketing, and entitlements management).
But aside from that, I'm responsible for the business planning aspect of risk management. This seems to be a newer merger of different fields, but: 1. I run the marketing program at PortfolioAid, and wrote and maintain the business plan. I participate in discussions around new products, services, and markets; this is not just the risk perspective, but ensuring that we establish and follow a prioritization regime and that our strategic planning follows good practice such as forecasting ROI, understanding the sequence of cause and effect in the strategic execution map, etc. 2. I've built a system of predicting our revenues based on projected licensing and consulting incomes, which required close collaboration with the PMO in order to blend project forecasting with capacity planning and in turn staffing planning. 3. I also manage the government programs by which we secure research and development funding - about $xxx,000 this year
I'm having a blast. I hope this helps. 8^)"