There’s been a shift in GRC, and organizations can’t properly prepare for the future without understanding the current state of risk management and where it’s headed.
We surveyed hundreds of governance, risk, and compliance professionals across industries to learn more about the state of risk management in 2018. We asked them to evaluate their vulnerabilities, challenges in connecting governance functions, goals for program improvements, and their senior leadership’s understanding of risk management best practices.
The results of the survey indicate that while the majority of participants have senior leadership that aims to connect risk management across silos within the next two years, less than half think their senior leadership actually understands this integration will prevent risk events.
We’ve already seen a whirlwind of highly publicized scandals in 2018, such as Facebook’s mishandling of its user data, which have damaged the reputations of several well-known organizations. The truth is, these scandals could have been prevented, and good reputations could have been saved. Now, these organizations are picking up the pieces and struggling to overcome the consequences of their failures in risk management. Without an effective enterprise risk management program, organizations are unable to protect their employees, customers, and investors.
The results of this survey indicate that risk managers need to involve all areas of the business in their risk management efforts. Integrating governance functions is a challenge many risk organizations face, and the answer can’t solely come from senior leadership. Risk management should be integrated across all departments, including everyone from the front-lines to the board of directors. This is achieved through good governance and an effective, efficient risk management program.