The latest enterprise risk management news from around the world

In a new report, ‘Reprioritizing Risk and Resilience For a Post-COVID-19 Future’, Aon has released the results of a global survey, finding that COVID-19 has shown that it will be imperative for businesses to reprioritise risk and to innovate and explore new risk management strategies.

Aon’s global report finds that 82 percent of respondents said, prior to COVID-19, a pandemic or other major health crisis was not a top 10 risk on their organization’s risk register. At the time of Aon’s Global Risk Management Survey in 2019, pandemic risk was ranked 60 out of 69 identified risks. Enterprise risk management strategies and management teams were therefore unable to rapidly respond to the threat of the pandemic and, when it hit, their risk infrastructure struggled to cope with the initial response.

The Reprioritizing Risk and Resilience For a Post-COVID-19 Future report identifies differences in how businesses have responded regionally; prior to COVID-19, 52 percent of respondents in APAC had a pandemic plan in place, compared with 31 percent in North America and less than 30 percent in both EMEA and LATAM. Organizations in APAC were supported by state-run track-and-trace technology and had built more robust pandemic programs in response to similar threats already faced, such as SARS. The report survey found that across all industries and regions, protecting people and assets was a top priority for participants.

Fluctuating pandemic infection rates within regions are influencing which stage businesses find themselves in (‘react and respond’, ‘recovery’, and ‘reshape’). For example, North America has the highest proportion of organizations in the ‘recovery’ phase (59 percent), while APAC organizations reported they were in the ‘reshape’ phase in higher numbers than the benchmark (36 percent of APAC organizations compared with 29 percent overall), likely because of their experience in the progression of the pandemic. Despite these differences, one core theme emerged: more than half of companies report that they expect COVID-19 will continue to impact their business a year from now.  

Rory Moloney, Chief Executive Officer, Global Risk Consulting, Aon, said: “There is no question that the COVID-19 pandemic will permanently change the way companies operate. There is a long way to go before we are in the ‘post-COVID era’, but as we move towards a recovery phase, companies must now ask what risk management and resilience should look like going forward. Among the top priorities for companies seeking to reshape their business are the new and accelerated use of technology, redeploying resources, workforce planning and rethinking the future of work—this is only the beginning of a much more long-term evolution in risk management.”

The global report highlighted that a critical part of reacting and responding to crisis, and building a successful enterprise risk management strategy, will be in ensuring that the workforce is able to adapt, communicate, and collaborate when a crisis strikes. The increased dependency that organizations have placed on digital platforms is making them potentially vulnerable to adverse cyber events, information loss, and reputational impacts on a new scale, and will require a refresh of cyber and risk management strategy.

Aon’s research suggests that, moving forward, risk and business leaders must broaden their perspective in evaluating major shocks, not just anticipated losses. Navigating new forms of volatility, building a resilient workforce, and rethinking access to capital will all play a role in a companies’ ability to navigate future events. Equally, a more cohesive and integrated approach will be necessary to recover not only from the pandemic, but from future shocks. 80 percent of global survey respondents reported the pandemic has taught them to take an enterprise-wide approach to incident management, collaborating across functional units including risk, HR, IT and finance.

More details.

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.