With fresh corporate scandals in the news seemingly every day, enterprise risk management is growing in importance for organization leadership – and rightly so. LogicGate CEO Matt Kunkel discusses what he foresees for ERM in the year ahead.
The global market for enterprise risk management is growing as organizations increasingly prioritize their risk mitigation strategies. Because data breaches are becoming more frequent, every organization should have a strategy in place, or else risk joining the ranks of Capital One, Quest Diagnostics or DoorDash.
In fact, a recent survey of 100 CEOs shows they understand just how important ERM is, with 96 percent of respondents finding ERM at least somewhat important.
With this in mind, I put together three predictions for ERM in 2020.
CEOs Lead the Way in Creating Cultures of Risk
The report mentioned earlier, “Enterprise Risk and the Modern Organization: A View from the Top,” shows more than half of CEOs think their ERM program is not extremely effective. However, CEOs do see they need to be involved in ERM programs, with 66 percent desiring to be more involved. Because of this, it’s paramount that CEOs not only create cultures of risk at their organizations, but also ensure that risk management and awareness have a seat at the table during strategic business discussions.
Employees first need to have an understanding of risk in order to avoid it. Thus, their employers need to provide a firm foundation of risk management and awareness so there is a first line of defense against risk. Employees should also have the visibility and empowerment to bubble any hazards up through management ranks, which won’t happen without a culture of risk.
The Board’s Concern for Cybersecurity Will Increase
At the end of the day, the board’s chief concerns are top-line and bottom-line financials — both of which could be negatively affected by poor cybersecurity practices. As the number of data breaches, ransom attacks and cyber incidents increases — and with it, the number of cybersecurity technologies on the market — expect the board to be more involved in this area of the business.
Proactive Risk Management Strategies
It can’t be overstated: Risks and their varieties are increasing with great speed as cloud software and third parties become the standard way of doing business. The cloud, for all its benefits to business models, still presents vulnerabilities for organizations. Companies that want to protect themselves cannot settle for merely defensive risk and compliance strategies; risk and compliance must be proactive functions. This way, risk managers can use data from compliance, incident and risk-tracking systems to make strategic bets to protect the organization.
With the development of advanced machine learning and robotic process automation, risk and compliance technology is enabling risk managers to make those strategic moves and take on more risk, which is a win for the organization.
There’s nothing like a new year. It’s a clean slate for organizations to take on better enterprise risk management strategies and better integrate risk with the company’s strategic decision-making.
It’s an oft-repeated phrase: “with great risk often comes great reward.” I’d change it to “when risk is properly managed, great rewards follow.”