A number of factors, including tax reform, growth in equity markets, cyberbreaches, terrorism and natural disasters, have created new challenges for risk managers, according to the State of Risk Oversight, a report by North Carolina State University’s Enterprise Risk Management Initiative and the American Institute of CPAs.
A majority of study respondents (60%) report that both the volume and complexity of risks have changed “mostly” or “extensively” in the past five years, and 65% of organizations indicated that they recently experienced an operational surprise due to unexpected risks. As a result, respondents reported that 68% of boards are putting increased pressure on senior executives to become more involved with risk oversight.
While risk management is increasingly seen as a high priority, risk management practices remain relatively immature. The survey found that 39% of respondents described the sophistication of their risk oversight practices as “immature” to “developing,” while 17% characterized them as “mature” and only 5% considered them to be “robust,” which represents a slight decline from previous years.