Many articles have been written on the issue of risk management and I do not propose to write the seminal piece on the subject. Rather, my point is that as in-house counsel you need to look at risk as organizational risk, not simply legal risk. To do this you must know your organization’s tolerance for risk and the return on resource investment to manage its risks. Without looking at the RORI for risk management, you are just measuring identifiable risks against some arbitrary standard (typically legal) of what is acceptable risk.
Beyond having general industry awareness and knowing what it is that your company does, what does this mean and how do you do it?
When you come in-house, your “hard” legal skills are table stakes. Your employer expects, rightly so, that you have these skills, and where you do not, they expect you to figure it out. This is where your jack-of-all-trades skill comes in. The real question for them is can you add value to the organization?