Managing enterprise risk in a consistent, efficient, sustainable manner has become a critical boardroom priority as CEOs, CFOs, and other members of the senior leadership team face unprecedented levels of business complexity, changing geopolitical threats, new regulations and legislation, and increasing shareholder demands.
In recent years, external factors have fuelled a heightened corporate interest in enterprise risk management. Industry and government regulatory bodies, as well as investors, have begun to scrutinize companies' risk-management policies and procedures. In an increasing number of industries, boards of directors are required to review and report on the adequacy of risk management processes in the organizations they administer.
The reason for the increased interest is simple. Virtually all of the risk events impacting corporations today are foreseeable and manageable. Virtually none are truly random and unpredictable. It is the responsibility of directors and senior executives to ensure that avoidable losses are consciously managed. Not so long ago, risk management was considered a niche specialty, the province of academics and consultants, and not a priority for mainstream businesses.
For many firms, the investment in enterprise risk management is the direct result of experiencing one or more avoidable significant business failures. For other organizations, the heightened focus on enterprise risk management is the direct result of the Sarbanes-Oxley Act or recent changes to SEC proxy disclosure rules which place greater responsibility on the board of directors for understanding and managing an organizations risks.
Regardless of the driver, the recognition that business success depends on striking a balance between enhancing profits and managing risk and the investment in the discipline of enterprise risk management is now top of mind for most business leaders.