Risk management can be a challenge to any organization. It is an area in which feelings of false security can occur because people mistake discussing risks with taking actions to solve and prevent them. According to an article on KPMG.com, a survey of about 1,800 audit committee members in 21 countries shows that risk management and crisis readiness continue to pose the most daunting challenges:
Nearly half (45%) of survey respondents globally said their company’s risk management programme requires “substantial work” (39% of UK respondents). The quality of information that audit committees receive about critical risks facing the company continues to pose concerns – particularly cyber security where only a fifth of UK respondents are completely satisfied with the quality of information they receive – while only just over a third of UK audit committee members are fully satisfied that their company’s risk management process is dynamic enough to cope with a rapidly changing environment including new technology and social media risks.
The article notes there are also issues with annual reports. Namely, these reports are not understandable when it comes to risk management. What is worse, those who do understand the reports fear that they may not be accurately representing what condition the company is currently in. Even worse still, some companies just leave out conducting a report all together. With all these gaps in risk management, it is no wonder many respondents to the survey say that the whole system needs work.
This calls for a vast reevaluation, and that is just what two thirds of audit committees in the UK have done over the last two to three years, according to the article. Perhaps hiring employees with new ideas and new ways of thinking may allow for a fresh look at the world of risk management. One thing is for sure, things cannot continue to operate like they have been in the past because, as the survey shows, the old ways are not leading to success.