Five habits of successful risk managers
Only 13% of companies are managing risk in a way that boosts profits.
This is according to a new report by PwC which states that the way risk is managed has evolved significantly since the financial crisis of 2008.
The report identifies that companies are moving away from the traditional methods of assigning risk management to the “second line” of defence in the organisation. It is the organisations using “first line” business units, or “Front Liners” to manage risk that are most likely to increase revenue and bolster profits.
However, from some 1,500 executives surveyed across 30 industries, only 13% met the requirements to qualify as a Front Liner.
5 steps to becoming a Front Liner
1. Set a strong organisational tone focused on risk culture modelled and measured by leadership and the board.
2. Align risk management with strategy at the point of decision-making so risk management is embedded into planning and tactical execution.
3. Recalibrate the risk management programme across all three lines of defence so that the first line owns business risk decision making, the second line monitors the first, and the third line provides objective oversight.
4. Implement a clearly defined risk appetite and framework across the organisation.
5. Develop risk reporting. Tracking risk is critical to keeping business decisions within the agreed risk appetite.
Dean Simone, leader of PwC’s US Risk Assurance practice, said: “The key to growth isn’t in avoiding risk; Front Liners make risk management a mandate for the board, the C-suite and perhaps most importantly, among crucial business unit decision makers.”
The survey also found that only 9% of those polled scored highly on “cyber risk maturity”, despite growing awareness worldwide that cyber attacks pose a substantial risk to almost all businesses and organisations.
Dean commented: “This year’s survey tells us that leaders must make risk management a more collaborative, measurable and strategic function. We also see great alignment on the biggest growing risk factors, such as cybersecurity, but a lack of maturity in terms of preparing for and planning around the biggest risks facing executives today.”