Ninety-six percent of organizations believe they have an opportunity to improve their risk management functions. While nearly half say committing additional resources to risk management could create a competitive advantage, according to Ernst & Young’s ‘Future of Risk’ survey, which examined organizations’ attitudes toward risk management.
The survey of more than 500 senior executives, predominately those at the C-suite and board level, reveals the downturn is heightening awareness among companies of the need to manage risk more effectively.
Paul Kennard, UK & Ireland head of risk at Ernst & Young, said, “Although many organizations have boosted the size and reach of their risk management functions, this does not always equate to an increase in effectiveness. In fact, too few organizations can claim that shared reporting, data exchange and coordination consistently occurs among their various risk management functions. In the end, this only leaves the organization more vulnerable to the threat of risk.”
Risk management has advanced but more needs to be done
Despite improvements in risk management over the past several years, organizations should continue to challenge their approach - especially now when most will be asked to do more with the same or limited additional resources. While only two percent plan to decrease investments in risk management, almost two-thirds (61 percent) of survey respondents said they do not plan to commit more resources to risk management over the next 12-24 months.
Kennard explained, “Recent events have forced a maturing of risk management and many companies can take pride in the progress they have made. However, now is not the time to become complacent – leading organizations recognise that the continuing opportunity to improve their risk assessments, enhance monitoring, reduce costs, and better integrate information technology.”
Lack of coordination among risk functions is a threat
The survey also revealed that the number of risk management functions has increased to keep up with compliance requirements. However, the coverage and focus of these multiple risks functions has become increasingly difficult to manage, and is compounded by a lack of alignment.
Seventy-three percent of respondents indicated they have seven or more risk functions. Furthermore, sixty-seven percent have overlapping coverage with two or more risk functions. Fifty percent of those surveyed reported gaps in coverage.
Kennard said, “Risk management functions within an organization often exist in silos that are disconnected from one another and the wider business strategy. As a result, risks identified in one area may not be communicated or recognised by another. Moreover, different areas within an organization may have different views on the severity or importance of certain risks.”
An improved future for risk management
The survey demonstrated that companies want improved risk coverage while decreasing costs and improving value. They also aspire to have their risk and control activities aligned and coordinated. The key to making this possible lies between the risk and control functions and the business units. This includes having an aligned mandate and scope, coordinated infrastructure and people, consistent methods and practices and common information and technology.
Survey respondents clearly recognize that risk management provides significant benefits to their organizations beyond better identification and understanding of key risks. Most respondents also report benefits from improved business performance (99 percent), protection of business value (98 percent), better decision making (98 percent) and improved compliance with regulations (98 percent).
Kennard concluded, “Leading companies are creating a competitive advantage by using the economic downturn as an opportunity to make practical yet valuable improvements to the way risk is managed. More than ever, organizations need to have a comprehensive and coordinated risk management approach with strong executive oversight and board of director governance. The opportunity to make those changes is now.”
•Date: 18th August 2009• Region: World •Type: Article •Topic: Operational risk
Rate this article or make a comment - click here