VP Enterprise Risk Management

I would like to suggest a weigh in on how Risk Departments are structured successfully. What are some Dos and some Don'ts.