Gartner Emerging Risk Survey Reveals Underlying Risks Set to be Exacerbated by COVID-19 Pandemic

1Q20 Emerging Risks Monitor Report Highlights Executive Concerns Around Strategic Assumptions, Social Instability, Even Before Emergence of COVID-19

Arlington, VA (April 23, 2020) – “Strategic assumptions” remained the top concern for senior executives in first quarter of 2020 as numerous other risks are set to be exacerbated by the current COVID-19 crisis, in Gartner, Inc.’s latest Emerging Risks Monitor Report.

Gartner surveyed 107 senior executives across industries and geographies on the top concerns facing their businesses with results showing that “strategic assumptions” remained the top emerging risk for the second consecutive quarter (see Table 1). The survey was in the field from mid-February to early March of 2020 and reflects only the early stages of the coronavirus crisis.

“Executives had been concerned with the validity of their strategic assumptions well before the current crisis situation,” said Matt Shinkman, vice president with the Gartner Risk and Audit Practice. “The economic and operational fallout as a result of the global COVID-19 pandemic have forced many executives, particularly in the hardest hit industries, to start from scratch, even with a great deal of uncertainty still ahead.”

Table 1. Top Five Risks by Overall Risk Score: 2Q19-1Q20

Source: Gartner (April 2020)

Crisis Forces Faster Reckoning with Emerging Risks

In addition to the damage caused to already shaky strategic assumptions, senior executives and their enterprise risk management (ERM) teams now face a reckoning with many additional emerging risks that have become heightened from the current crisis. Three additional risks in the top five, cyber-physical convergence, the upcoming U.S. presidential election and the potential for macroeconomic stagnation have all taken on new dimensions and urgency as the crisis has worsened the global economic outlook.

“COVID-19 is a uniquely challenging risk for most organizations to manage in and of itself, but it also acts as a kindling that will spark adjacent risks into much greater intensity,” said Mr. Shinkman. “It’s clear that enterprise risk professionals will be stretched as previous ‘wait and see’ risks require urgent action today.”

Mr. Shinkman pointed to cyber-physical convergence as just one example of an emerging risk that has taken on new dimensions during the crisis. With an increasing number of employees forced to work from home, and a previous Gartner survey  indicating that 74% of CFOs plan to make at least some portion of their in-house staff permanently remote, insufficient security practices around operational technology (OT) will only become more vulnerable and easy to exploit in this environment.

ERM Considerations for COVID-19

In additional conversations with more than 100 senior risk executives on March 27^th and April 3^rd, Gartner identified three common areas of concern and actions underway among this group:

• Business continuity – Heads of ERM report that they feel unprepared for long-term, ubiquitous remote work, and they are rapidly moving to update policies to manage risks from cybersecurity, privacy and decreased employee productivity, among others. A second business continuity concern relates to supply chain disruptions, with ERM leaders reassessing supply chain risks in real time and driving efforts to review contingency plans for dramatic disruptions.
• Impact on the risk universe – ERM leaders are currently grappling with how to classify COVID-19 within the risk spectrum and its impact on other pre-existing risks. Some teams have increased the frequency with which they meet with risk owners to better understand how the landscape has shifted since the emergence of the pandemic. Others are conducting regular COVID-19 updates to explain how risk ratings have changed. Heads of ERM also recognize that they will need to revisit/evaluate their organization’s risk appetite statement as a result of the pandemic.
• How ERM can demonstrate value – Many risk leaders are also reckoning with how to better drive action on risks such as pandemics, which were typically rated as a “low probability, high-velocity,” risk, and how to better drive action among their leadership teams for future risks that could be equally disruptive to their organizations. Some ERM teams are also taking an active role to ensure cost optimization efforts currently underway do not expose their organizations to excessive risks, nor drive excessive risk aversion.

More detailed analysis is available to Gartner clients in the full report and webinar recording 1Q20 Emerging Risks Report and Monitor and ERM Considerations for COVID-19: Lessons From Client Discussions.

Nonclients can complete free registration to read more in Emerging Risk Trends.

About Gartner Risk Management Leadership Council

Senior executives need actionable information to make quick decisions. Successful organizations embed risk management into strategic decision-making processes to help the business execute on its growth priorities. Gartner Risk Management Leadership Council equips enterprise risk management leaders with insights, advice and tools to better navigate high-risk growth decisions. More information can be found at: https://www.gartner.com/en/audit-risk.

About Gartner

Gartner, Inc. (NYSE: IT) is the world’s leading research and advisory company and a member of the S&P 500. We equip business leaders with indispensable insights, advice and tools to achieve their mission-critical priorities today and build the successful organizations of tomorrow.

Our unmatched combination of expert-led, practitioner-sourced and data-driven research steers clients toward the right decisions on the issues that matter most. We are a trusted advisor and an objective resource for more than 15,000 enterprises in more than 100 countries — across all major functions, in every industry and enterprise size.

To learn more about how we help decision makers fuel the future of business, visit gartner.com.