Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Risk: boards demand integration

As governance, risk and compliance (GRC) issues continue to make substantial progress moving up the corporate Boardroom agenda, executive management wants assurances that all three components are being integrated effectively and efficiently, according to research by KPMG International.

The Convergence Evolution, a global survey of senior risk decision-makers, finds that 50 percent of US boards and 41 percent of boards globally are taking GRC very seriously, compared with just 13 percent in the United States and 10 percent globally among those polled prior to the recent financial crisis.

Respondents identified executive management (42 percent in the United States and 48 percent globally) and regulators (27 percent in the United States and 43 percent around the world) as the stakeholders exerting the most pressure on organizations to improve convergence of their GRC activities.

To ensure efficiency and effectiveness across departments, the survey found that leading companies are working toward a holistic – or converged – view, and adjusting the governance framework (such as board oversight) to better integrate risk and compliance management.

This convergence approach can help minimize duplication of effort across the enterprise, yet prepare the company to adapt quickly to unforeseen circumstances, such as supply chain interruptions, IT failures or other disruptions.

“Organizations clearly are giving more prominence to integrating governance, risk and compliance activities, though most companies remain at a fairly early stage, confronted with issues such as the complexity of the undertaking and a lack of experienced executives in-house among the remaining key challenges,” said John M. Farrell, a partner at KPMG LLP.

Approximately 90 percent of respondents to the KPMG study found GRC costs had increased, an indication of the higher priority placed on GRC, but a potential tell-tale sign of opportunity to better coordinate managing these processes.

In addition, just 45 percent of US respondents and 38 percent of global respondents said their organizations were effective at sharing information and resources across functions, and about a third of respondents said their companies were good at ensuring a consistent GRC approach across borders.

Just 7 percent of S. organizations and 9 percent of those globally say their GRC activities are fully integrated into their business strategies, the survey found.

Deon Minnaar, a KPMG partner, said: “This fragmented approach to GRC may provide some insights on why the costs of managing risk are rising. In our experience, convergence of governance, risk and compliance activity in an enterprise-wide, holistic program that is tied to corporate strategy can provide a much more efficient means of achieving effective risk management.

“As compliance needs grow with the ongoing release of new regulatory standards, corporate boards want assurances that senior executives are managing risk appropriately, and C-suite executives, in turn, increasingly have an eye toward bringing all associated processes under one roof,” Minnaar added. “Convergence provides an increasingly popular common-sense approach.”

Other highlights from the KPMG survey include:

  • The increasing appetite in GRC is mainly driven by a desire to reduce risk exposure (54 percent in the United States and 51 percent globally) and the need to tackle overall business complexity (34 percent among US firms and 35 percent globally).
  • For 7 percent of US organizations and 16 percent globally, governance convergence should result in long-term reduced costs.
  • Forty-four percent of US companies and 43 percent of organizations globally say they are effective at ensuring the quality and availability of data around GRC.

The survey involved polling of 177 respondents in June 2011 from a wide range of industries and regions, with roughly a third each from the Asia Pacific, Americas, and Europe, Middle East and Africa regions. More than half of the respondents represent companies with annual revenues of more than US$500 million. All respondents had influence over or responsibility for strategic decisions on risk management, and more than half of them were C-level or board-level executives.


•Date: 13th March 2012 • US/World •Type: Article • Topic: ERM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here