‘Approximately 80% have not trained executives in risk management for several years’. An alarming stat from a recent study by the Enterprise Risk Management Initiative.
This article was published on www.accountingweb.com
While the majority of businesses want their senior managers to be more involved in risk management, most lack a dedicated program and resources – and that’s particularly true for small and midsized firms.
What’s more, US businesses apparently have fewer risk management systems in place than companies elsewhere in the world.
Those are the key takeaways from a new report, Global State of Enterprise Risk Oversight, by the Enterprise Risk Management Initiative at North Carolina State University, on behalf of the Chartered Global Management Accountant (CGMA) designation. The American Institute of CPAs (AICPA) and the Chartered Institute of Management Accountants (CIMA) commissioned the study.
“With three-in-five companies facing increasing risks, and regulators, boards, and shareholders beginning to demand more effective risk management from organizations, it’s critical for management teams to take a closer look at their risk management programs and make them more robust,” Ash Noah, CPA, CGMA, vice president of external relations for the AICPA, said in a written statement. “Rigorously identifying and addressing potential threats is paramount for ensuring the long-term success of a company, pressure-testing the effectiveness of risk mitigation plans, and providing a competitive advantage in the market.”
Here are five findings based on the responses from 1,300 executives worldwide:
So, what to do? Consider these four steps as your call to action:
1. Assess your current risk oversight process.
2. Organizations generally implement risk oversight using a siloed risk management approach. Instead, consider the extent to which critical risks may occur and not be detected by silo risk managers, and implement greater cross-collaboration throughout the organization.
3. Instead of viewing risk management as a loss-prevention and compliance issue, look at it instead as a strategic and value-add approach.
4. For that strategy to happen, it’ll take a top-down, structured approach involving a designated senior executive who will be accountable to senior managers and the board.
Ultimately, those companies “that embrace the reality that risk and return are related are likely to increase their investment in enterprise risk oversight to strengthen the organization’s resiliency and agility when navigating the complex risk landscape on the horizon,” the report states.