Businesses around the world are reeling under the unparalleled economic shock of the COVID-19 pandemic. This has a direct impact on the risk proﬁle of organizations and has compelled them to re-think their governance, risk and compliance (GRC) functions.
Businesses around the world are reeling under the unparalleled economic shock of the COVID-19 pandemic. Although vaccination drives have started in a number of countries, it still seems a long way before organizations can return to business as usual. To make matters worse, new strains of the coronavirus and rising active cases are discouraging governments from easing lockdown and travel restrictions.
This is the backdrop against which we publish the latest edition of The State of Risk Management Survey Report. Our objective is to provide valuable insights into how risk professionals are approaching risk management in the new normal. The survey results suggest that agility, automation, and integrated approach have emerged as the key elements of an eﬀective enterprise risk management (ERM) program.
Top Risks, Challenges, and Priorities
Cybersecurity is the top risk faced by organizations, followed by compliance, operational, and resilience risks. The accelerated pace of digital transformation, coupled with the remote working environment, has multiplied points of potential failures and security lapses. It is on these grounds that it doesn’t come as a surprise that assessing the eﬀectiveness of cybersecurity risk management is the top priority for organizations today.
In addition, aligning risk priorities with business strategy emerged as the key challenge faced by organizations when it comes to enterprise and operational risk management. As business strategies and goals alter over time to adjust to evolving internal and external factors, it becomes critical to accordingly align risk priorities for successful risk mitigation.
In the post-pandemic world, determining the eﬀectiveness of cybersecurity risk management and operational resilience program is a top priority for risk professionals.
IRM Implementation by Industry
In the survey, 26.32% of the total respondents from Banking and Financial Services and Telecom industry each and 15.79% from the Insurance industry said that they are using an integrated platform to manage risks.
In addition, 58.33% of the total respondents from the Banking and Financial Services industry use risk management software but not integrated with other areas. This suggests that a majority of banking and ﬁnancial services institutions are primed for a major overhaul of their risk management approach.
Where does your organization plan to invest?
When asked about the areas where their organizations were planning to invest, training risk managers on emerging risks and technologies and enabling the frontline to manage risks emerged as the most common areas. Other investment areas include adopting an integration solution for policy, audit, risk, and compliance, and implementing a new risk management solution.
The uncertain operational environment has renewed the focus of organizations on resilience management— which goes beyond the traditional risk management practices of risk foresight, planning, and mitigation to speedy recovery and making an organization agile to quickly adapt to changing risk landscape. As the corporate world waits with bated breath to return to business as usual, risk managers are on their toes as regulatory, operational, cyber, compliance, and other risks are expected to heighten.