I’m just back from a great Page Society Annual Conference on culture, and I find myself thinking about risk management. Why? Several references to risk management during the conference reinforced personal experiences that suggest a way into the C-Suite conversation about reputation and culture for chief communications officers (CCOs).

The thought was triggered during a discussion of the BP oil spill crisis. It was observed that the apparent culture of profit over safety might actually have been a culture of taking unacceptable risks. If true, this is not unlike the Wall Street culture which grew up over the past decade in which excessively risky behavior was rewarded, leading to a colossal collapse of the world financial system. In both cases, getting the risk equation wrong resulted in both significant financial losses and catastrophic reputational damage.

Twice in my professional life I found myself drawn into a board-level discussion of reputational risk as a result of questions asked by board members. In each case, a CFO-led risk management process, complete with scores of operational and financial risk equations and risk-mitigation plans, prompted a simple question from a board member: “What about reputational risk?”

The International Association of Risk and Compliance Professionals (IARCP) seems to have thought of this, but in the real world, CFOs and management consultants don’t always get it right. In both cases where I was involved, the CEO and CFO came scurrying to the CCO for help.

If there is a common thread here, or a lesson to be learned, perhaps it’s this: There is not only an opportunity, but an obligation, for the CCO to be active in the C-Suite risk management discussion. Bringing our broad stakeholder view to bear on the question of how to build a culture that gets the right emphasis on risk – encouraging neither too much nor too little – is critical to preserving and protecting the most important asset of any institution – its reputation.