Monday, January 25, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Risk Managers: Impact Lies in Reduced Executive Effort

by Matt Shinkman
August 28, 2018
in Featured, Risk
businessman reading financial reports

The Key to Increasing Decision-Making Influence

In this complex risk environment where senior executives are expected to make fast decisions, they need the most actionable information in a timely manner. However, most leadership teams feel the risk information they receive isn’t actionable from a business strategy or operations perspective. In this article, Gartner’s Matt Shinkman and Chris Matlock detail how risk managers can ensure executives will extract true value from risk reports and how risk teams can increase their decision influence.

with co-author Chris Matlock

Risk managers often provide deliverables that are designed to help senior managers execute strategy while maintaining an appropriate risk profile for their environment and resources. This means being more than “information aggregators” that record and deliver disparate silos of data. Risk leaders will need to become “strategic risk advisors” that influence decision-making at the organization’s highest levels. All of this against a backdrop of robust economic growth around the globe. This shift has pushed executives to make quicker decisions as the benefits of being a first mover in new products and services become clearer, with profits often aggregating to the top one or two competitors.

Meanwhile, conversations around risk are more challenging than ever, as official “risk managers” share the spotlight on risk with more and more assurance functions clamoring for ever-shrinking executive bandwidth.

So, how can risk managers deliver more value in a rising risk environment?

Drive Influence

To better understand this challenge, we examined the most common entry point to effect and enhance executive choices: the reporting process. Too often, risk reporting becomes a rote, check-the-box experience that fails to capture executive attention or inflect decisions. Today, progressive risk managers are moving beyond having good reports and focusing instead on good conversations. Naturally, we wanted to know which characteristics would be most likely to create “decision influence,” a proprietary model based on the observable behavior patterns of executives, which includes the top three things you would want to see: tangible engagement with information provided by risk managers, collective agreement that action needs to be taken and specific next steps.

Throughout our research, we asked risk managers how many succeeded in influencing executive decisions this way. Not surprisingly, nearly 80 percent fell short and felt the need to improve reporting as a key growth goal of their programs. When we asked what they thought would make the biggest difference, a majority stated “improving data quality” and “providing unique insights.” Conversely, our research shows this conventional wisdom provides only marginal lift.

We examined 25 different reporting attributes to see which elements would have the greatest impact on creating the desired decision influence. Our analysis revealed that focusing on reducing the cognitive burden required by executives through relevance, information consumption and alignment with other key information flows were the most powerful levers risk leaders have in moving beyond reporting to being a trusted advisor that is three times more likely to be invited to discussions they are not usually a part of.

 

High Quality Not Always Credible

It may seem counterintuitive, but how could increasing data quality and novelty of insights score so low? What our analysis shows is that continuing to focus on data improvement alone creates little to no lift. In fact, more often than not, discussions that focus purely on data quality obscure more substantive dialogues around the “what’s next” or “so what” of risk reports. In other words, disputing data quality can avoid more challenging discussions or shift the conversation away from the core matter.

The same is true for information novelty. While more impactful, it still wasn’t a top differentiator. Imagine if the value of risk reports were to rest solely on being “new” or “shiny.” This is a high bar in the best of quarters, and even when risk managers do manage it, there is often an abrupt, diminishing return on these fresh insights within just one or two reporting cycles. The bottom line is, high-quality data and new insights can be a win for risk, but will not necessarily win the day. The largest opportunity for risk managers to engage with executives is to reduce the cognitive burden on them as they convert risk information into practical application and key initiatives.

The format most risk reports are presented in often makes it hard for executives to consume and understand the information. Comprehensive risk reports, although feared to be dense and burdensome, are actually considered to be the safer option, yet they can miss the mark in terms of business-friendly language.

Gartner research shows there are three distinctive stages of risk report maturity: first being voluminous, text-heavy reports; then briefer, but graphic-heavy reports; and lastly, discussion-driven reports. What makes the last effective is bullet points that drive conversation.

Reporting Revamp

Once risk managers examine how their reports are packaged with fresh eyes, they can then turn their attention to how executives will consume that information. Here, it’s important to consider the question, “what job needs to be done?” In other words, through what key initiatives, filters, biases or dashboards will the audience apply risk insights? Has the gap between risk’s lens and theirs been closed to make it as simple as possible to apply these insights? The critical linkage here is knowledge of the strategic goals and objectives of executive teams, with as much granularity as possible so that risk can invest in translating their information as much as possible in advance.

Since risk managers are not the only “voice of risk” in the room these days – whether it’s data privacy, IT, audit, etc. – the proliferation of corporate functions with a story to tell around risk is larger than ever. To maximize the risk department’s effectiveness in driving action, they will need to seek ways to work in concert with these groups to highlight crucial messages, or in some cases, be prepared to explain why their analysis may differ from others’.

Moving the conversation from “here’s the data” to “what actions should we take as result of this information?” is a crucial, but challenging journey. Recognizing that the greatest ROI lies in driving executive action pales in comparison to easing barriers to consumption, decision relevance and alignment with other risk information flows. Through this improvement to risk reporting, leaders can put themselves on the path of greater decision influence and increase the opportunity to shape key initiatives for years to come.


Tags: decision-making
Previous Post

Ankura Completes Acquisition of Navigant’s Disputes, Forensics and Legal Technology Segment and Transaction Advisory Services Practice

Next Post

CompliancePoint Announces New White Paper on Data Breach Security Measures

Matt Shinkman

Matt Shinkman is Practice Vice President for Risk and Audit at Gartner, where he counsels senior risk management and strategy professionals from Fortune 500 companies on the development of their risk management teams and processes. Gartner is a research and advisory company headquartered in Stamford, CT. Gartner helps business leaders across all major functions in every industry and enterprise size with the objective insights they need to make the right decisions.

Related Posts

illustration of mafia man in silhouette with red tie

The Mafia’s Jackpot: How Criminal Organizations are Profiting from COVID-19

January 22, 2021
illustration of videoconference, screen and speech bubbles

New Risks as COVID-19 Forces Rapid Technology Adoption

January 21, 2021
silhouette of businesspeople in meeting with blue cyber background

Cyber Risk Quantification and Prioritization is the Future of GRC

January 20, 2021
miniature airplane on global currency

FinCEN’s Proposed Changes to the Recordkeeping and Travel Rule Thresholds

January 20, 2021
Next Post
magnifying glass on data breach in word cloud

CompliancePoint Announces New White Paper on Data Breach Security Measures

Access realtime data
Dynamic Risk Assessments with Workiva

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights