Refers to the fact that the management of an organization's risk
typically is assigned to risk managers within departments. For example, the
finance department monitors credit risk, public relations oversees reputation
risk, facilities management supervises physical risk, information technology focuses on data security
risk, and so on. Compartmentalizing risk managers in these silos results in
a narrow, parochial view of risk and prevents top management from understanding
risks facing the entire enterprise.