Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Risk management increasingly the focus of top management

European companies are prioritising risk management as never before, although some weaknesses remain.

These findings come from research on risk management leadership conducted with risk managers from the Federation of European Risk Management (FERMA) and the public sector associations PRIMO by Harvard Business Review Analytic Services sponsored by insurer Zurich.

In their responses, more than 200 executives at major European organizations emphasise how top management and the board are increasingly setting direction and taking tighter control of risk management, integrating it with overall company strategy and embedding it deeper into corporate culture.

The survey indicates that, at 35 percent of organizations, either a chief risk officer or a risk manager has direct responsibility for risk management. At 27 percent, either the CEO or the CFO/treasurer has direct responsibility, while the board itself is responsible at 14 percent.

In all cases, companies emphasise the importance of board engagement.

The majority of companies have education and review processes in place to keep the board and the senior executives informed about their risk exposures. Key risks are communicated to the C-suite regularly at 70 percent of organizations.

More than half the organizations surveyed (56 percent) said that they have increased the resources devoted to risk-related education and training over the past three years for chief risk office level and above, at the least.

Making these processes work requires a conduit for risk information: 75 percent cited the risk function as a channel by which information, intelligence and advice on risk reaches senior management.

However, only 17 percent of respondents described communication between the C-suite and the CRO as being comprehensive, or nearly so. More than one in four, 29 percent, expressed concern about a 'good news culture' that meant management did not receive unvarnished information on risk.

40 percent of respondents said their organisation has not yet set up a broad-based, cross-functional risk committee- despite the crucial role the risk committee plays in making sure that risk data are discussed thoroughly and passed on to the board.

The survey also found that companies have been slow to adopt risk-based incentives as part of compensation. Only 12 percent said they align risk management with executive pay.

Companies aspire to forge closer links between risk management and strategic planning. Roughly half said their risk management process is closely or very closely aligned with their overall strategy and budget. At the same time, there has been less progress at bringing the risk function's resources to bear on transformative business projects, such as mergers, acquisitions and divestments. Only 20 percent described the risk function as a tool for making more effective strategic decisions and investments.

Priority risk areas

These were the risk categories to which respondents ranked as of greatest concern:

  • Strategic 63%
  • Financial 55%
  • IT/data privacy 44%
  • Legal and regulatory compliance 44%
  • Brand/reputation 42%
  • Market/competition 42%
  • Technology 41%
  • Systemic 37%
  • Political/geopolitical 35%
  • Workforce 33%
  • Natural disasters 20%
  • Terrorism/violence 10%

•Date: 23rd August 2013 • UK/Europe •Type: Article • Topic: Enterprise risk management

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here