Boards and Execs Do Not See Risk the Same Way

The Institute of Internal Auditors released a report in which they examined corporate risk management: OnRisk 2020: A Guide to Understanding, Aligning, and Optimizing Risk.

The report is based on a survey of internal audit managers and qualitative interviews of corporate board members and executives. Three of the report’s seven key findings in the report:

• Boards are overconfident. Boards consistently view the organization’s capability to manage risks higher than executive management, evidence of a critical misalignment.
• Boards generally perceive high levels of maturity in risk management practices. Board members’ perceptions of risk knowledge and capability place them ahead of executive management relative to risk maturity, therefore making them more likely to believe those risks are better managed.
• Talent Management (and retention) are at the center of future concerns. Respondents recognize the importance of good talent and how people drive the success of a business—particularly when it comes to data and IT skills.

The full report, available as free download, goes into more detail on each of these areas and four other risk management findings.

For additional reading, see ASIS International’s new Enterprise Security Risk Management (ESRM) Guideline (free online for ASIS members) released last month.