No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Despite Growing in Maturity, Work Remains for ERM

The State of the Enterprise Risk Management Function in 2019

by Matt Shinkman
April 3, 2019
in Featured, Risk
traffic cones surround work in progress sign

A Gartner survey of more than 100 organizational risk leaders shows that ERM is maturing as a function. As Gartner’s Matt Shinkman explains, the ERM function still has a long way to go to complete its integration into key business activities, however.

2018 was a year of continued progress for enterprise risk management (ERM) teams. Five years ago, just 57 percent of ERM leaders considered their function mature or relatively mature. According to Gartner’s latest survey, conducted in 2018, that figure has risen to 96 percent.

Budget Boost

ERM leaders have achieved this notable progress during a period in which budgets have grown only marginally and staffing levels have remained flat. Given how much the risk landscape has expanded in the last five years, this strongly suggests improving levels of effectiveness and productivity in the ERM function, because it has handled more risk without any significant increase in resources.

Budget expectations from ERM leaders for 2019, however, show a stark departure from previous norms, with the average expected increase jumping to 16 percent. Flat team sizes and increasing budgets suggest that the higher spending is funding better technology to an extent, but also higher salaries, as salaries are still the single-biggest drain on ERM budgets.

In monetary terms, the median ERM budget was around $500,000 in 2017 and 2018, but is expected to rise to around $590,000 in 2019.

Technology Uptake

It’s interesting to note that skeptical attitudes to governance, risk and compliance (GRC) tools remain, with 26 percent of respondents saying they have no tool in place and have no plans to change that situation soon. A further 19 percent have no tool in place, but are evaluating vendors. So, in total, considerably more than one-third of respondents have no GRC tool. Furthermore, sentiment among those who do is far from uniformly positive, given the average Net Promoter Score of just 5.5/10 from ERM users.

Looking more specifically at attitudes toward data analytics investments, a different picture emerges. Although just 7 percent of respondents use advanced analytics technology as a routine part of daily operations, a further 71 percent use it on a case-by-case basis or plan to adopt it in some form soon. Moreover, 94 percent of adopters agree that data analytics has “significantly enhanced the value that ERM adds to the organization.”

This sentiment further confirms the hypothesis that budget increases are likely to be spent on technologies pertaining to analytics and on hiring people with the right skills (or training people without them).

Business Integration

The survey responses also show that the ERM function still has a long way to go to complete its integration into key business activities. In 2013, more than half of ERM leaders said their team did not participate at all in corporate budgeting; that proportion has not changed significantly since.

We see a very similar lack of progress when looking at ERM’s role in capital allocation decisions. The rate of ERM participation in publicly disclosing risk remains high, at 72 percent, but it also has not changed significantly in the last five years.

Even in terms of integration with other assurance functions, there is work to be done; fewer than half the respondents (44 percent) reported that their ERM function has an established process for sharing risk and control information with other assurance groups. Just 11 percent of respondents said their ERM team worked consistently with other risk control groups to provide holistic risk reporting.

With digital and technological disruption expanding the risk landscape and increasing the velocity of business, this lack of integration poses a risk in itself. In the current scenario, it’s at least plausible that important risks are slipping through the cracks between assurance functions and are therefore not being managed effectively.


Tags: Data AnalyticsEnterprise Risk Management (ERM)
Previous Post

FAA Clamps Down on Deceptive and Unfair Trade Practices to Minimize Risk to Corporations

Next Post

DOJ “Tweaks” FCPA Corporate Enforcement Policy

Matt Shinkman

Matt Shinkman

Matt Shinkman is Practice Vice President for Risk and Audit at Gartner, where he counsels senior risk management and strategy professionals from Fortune 500 companies on the development of their risk management teams and processes. Gartner is a research and advisory company headquartered in Stamford, CT. Gartner helps business leaders across all major functions in every industry and enterprise size with the objective insights they need to make the right decisions.

Related Posts

protecht series a

Protecht Group Lands $30M in Series A Funding From Arrowroot Capital

by Corporate Compliance Insights
February 22, 2022

Risk management software and services provider Protecht has secured a $30 million Series A funding round from Arrowroot Capital. Founded...

ankura noragh M&A

Ankura Acquires Noragh Analytics to Expand Advanced Data Capabilities

by Corporate Compliance Insights
February 9, 2022

Ankura Consulting Group, a global expert services and advisory firm, has acquired Noragh Analytics. Terms of the deal between the...

A rhino (symbol of risk) sits in profile in black and white.

Leverage the Power of Adhocracy to Identify Emerging Risks

by Jim DeLoach
January 11, 2022

Emerging risks are those that cannot yet be fully assessed but could, in the future, affect the viability of an...

A pole vaulter takes off trying to clear a high bar

Setting the Bar for Digital Innovation

by Jim DeLoach
October 21, 2021

The global pandemic forced many companies to accelerate their digital transformation efforts. As we reflect on lessons of the past...

Next Post
WhatsApp icon on smartphone

DOJ “Tweaks” FCPA Corporate Enforcement Policy

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT