It has been a decade since the Great Recession hit the US, threatening to end the American way of life through an economic meltdown. In hindsight, the 2008 sub-prime loan crisis can go down as one of the greatest cumulative risk management failures in U.S. history. When rewards increase, the risks always follow suit, a simple fact of life.
But with this event bringing significant attention to the importance of risk management, how has enterprise risk management changed the way we do business to prevent such another crisis from occurring?
A recent report from North Carolina State’s Enterprise Risk Management Initiative surveyed 474 organisations’ chief financial officers or equal senior executive on the state of enterprise risk management within their organisations.
In 2009, the survey reported a 9% complete ERM implementation within the organisation, this has risen to 31% in 2017. This data shows progress, but the question must be asked if this ERM adoption rate is keeping pace with the growing complexity of risks faced by organisations in a technologically advanced and globalised business environment.
Protivi, along with NC State’s ERM Initiative, surveyed C-Suite executives who were tasked with ranking thirty risks their organisation faces. Respondents ranked these risks from one through ten, one reflecting “no impact at all.” The results of the survey were organised into a chart of the top ten risks for 2018 according to corporate leadership. The results are here.
Scrolling the top ten risks you will notice a wide array of areas of concern for executives. From workforce talent management to cyber security to organisational culture, the results show a diverse portfolio of risks needing oversight in today’s markets.
Furthermore, technology advancements and market globalisation has made these risks even more complex and inter-connected.
A fully implemented ERM framework and culture will allow these organisations to manage any risks that threatens the achievement of strategic objectives whether they be strategic, financial, operational, or hazard specific.
