Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Risks are increasing in quantity and severity

Businesses are facing more risks than ever before and the consequences are quickly becoming apparent, according to the 2012 PwC State of the Internal Audit Profession study.

While concerns about further economic uncertainty continue to be top of mind for business leaders, issues such as fraud and ethics, mergers and acquisitions, large programs, new product introductions, and business continuity were identified among the top risks concerning businesses. Data privacy and security is now the single most requested area for increased internal audit focus with 46 percent of stakeholders asking for added capabilities in this area. With regulation escalating and evolving, regulations and government policies is the second largest requested area for increased focus, with 32 percent of stakeholders asking internal audit to get more involved in supporting the business in understanding and managing this risk.

"As the risk landscape continues to evolve, the majority of business leaders surveyed said they are not comfortable with how their risks are being managed, although 74 percent of those surveyed have formal enterprise risk management processes," said Dean Simone, leader of PwC's US Risk Assurance practice. "To deliver what stakeholders want, the standard for an effective internal audit function has been raised and internal audit needs to elevate its performance to meet the always increasing stakeholder expectations. Businesses must evaluate total enterprise risk, coordinate with the internal audit functions and break down organizational barriers to provide a holistic approach to risk management."

Companies that manage risk well have internal audit functions that are going beyond the traditional role of exclusively providing assurance over financial controls. The 2012 study found that stakeholders are demanding increased internal audit involvement in risk identification and management. Successful internal audit functions create plans through comprehensive, top-down risk assessments where the entire enterprise risk management process is taken into consideration. According to the survey results, 45 percent of organizations still do not create their audit plans using a robust, top-down risk assessment approach. A majority of respondents stated organizational and cultural resistance as the most common barriers to internal audits active involvement in a fully comprehensive risk management function, followed closely by lack of internal audit resources and expertise.

The report finds that internal audit groups at leading companies provide stakeholders advice on risks and controls rather than just reporting on gaps. Seventy-eight percent of the survey respondents whose company were better at managing risk say their chief audit executives have a more active role in the executive meetings, compared to only 61 percent of companies that are behind. In addition, they take into consideration the organizations enterprise risk management process and they adapt their approach quickly when changes are needed.

Download a copy of the 2012 State of the Internal Audit Profession study.

•Date: 22nd March 2012 • World •Type: Article • Topic: Enterprise risk management

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here