Increasing your risk management functions is pointless if they do not address the risks. Overlap as well as gaps in reporting or monitoring seem present in many organisations despite increased spend in risk management teams. A cohesive and robust framework is required if the system is to work across all elements.
In the recent E&Y report (availbale at www.ey.com) For example, 73% of respondents indicate they have seven or more risk functions, but 67% have overlapping coverage among two or more risk functions, with half of those reporting they have gaps in terms of coverage.
“Risk management functions within an organisation often exist in silos that are disconnected from one another and the wider business strategy,” says Gerry Dixon, global risk leader at Ernst & Young based in New York. “As a result, risks identified in one area might not be communicated or recognised by another. Moreover, different areas within an organisation might have different views on the severity or importance of certain risks.”
Dixon adds: “Leading companies are creating a competitive advantage by using the economic downturn as an opportunity to make practical yet valuable improvements to the way risk is managed.
“More than ever, organisations need to have a comprehensive and co-ordinated risk management approach with strong executive oversight and board of director governance. The opportunity to make those changes is now.”
CEI Compliance Specialise in Risk Management and implementing GRC across companies.
