Last month’s column addressed the security organization reporting to the General Counsel, which studies show is one of the more common reporting relationships for security executives. This month we will discuss the advantages and disadvantages of reporting to the Chief Financial Officer (CFO). Most enterprises combine a number of functions under the Office of the CFO; the most common include Corporate Controller, Chief Risk Officer, Chief Information Officer, Tax Department, Internal Audit, Mergers & Acquisition, Corporate Travel, Risk Management (Insurance), Corporate Aviation and Procurement.
Reporting to the CFO can provide some unique benefits for the security function. The CFO is keenly aware of the risk horizon of the organization and, like the General Counsel, is one of the first individuals in the company to know when an issue arises. The CFO is also heavily involved in key decisions about acquisitions, mergers, divestitures, new facilities, plant closings, layoffs, etc. As a direct report to the CFO, the security organization has an opportunity to be an early participant in key decisions that affect the enterprise.