Some 96 percent of companies believe they could improve risk management further, despite having already enhanced this function within their organizations, a new survey revealed.
Half of the more than 500 C-level and board executives polled by Ernst & Young, also said that committing additional resources to risk management could create a competitive advantage for them. The survey was done in June and July, with 29 percent of its respondents coming from the Asia-Pacific region.
Norman Lonergan, global advisory leader for Ernst & Young, said despite many organizations having boosted the size and reach of their risk management functions, this did not always equate to an increase in effectiveness.
"In fact, too few organizations can claim that shared reporting, data exchange and coordination consistently occur among their various risk management functions," Lonergan said in a statement released Monday.
This puts the organizations in a more vulnerable position to threats, he added.
Gerry Dixon, global risk leader, Ernst & Young, noted that while many companies "can take pride" in the progress they have made towards risk management, they should not become complacent.
Two-thirds, or 61 percent, of the respondents said they did not plan to commit more resources to risk management over the next 12 to 24 months, while 2 percent reported plans to decrease such investments.
Dixon noted in the statement, that leading companies recognized the continuing need to improve their risk assessments, enhance monitoring, reduce costs and better integrate IT.
The respondents recognized the benefits risk management provides to their organizations, beyond better identification and understanding of key risks.
A majority of those polled reported benefits from improved business performance (99 percent), protection of business value (98 percent), better decision making (98 percent) and improved compliance with regulations (98 percent).
The survey also found that the number of risk management functions increased in organizations as they tried to keep up with compliance requirements. However, the coverage and focus of multiple risks functions had become increasingly difficult to manage and aggravated with a lack of alignment.
Of those polled, 73 percent indicated having seven or more risk functions. While 67 percent had overlapping coverage with two or more risk functions, 50 percent reported gaps in their coverage.
Dixon noted risk management functions within an organization often exist in silos that are disconnected from each other and the wider business strategy. Therefore, risks identified in one area might not be communicated or recognized by another.
"Moreover, different areas within an organization may have different views on the severity or importance of certain risks," he added.
Based in Singapore, Konrad Foo is an intern with ZDNet Asia.
Play video
There are currently no comments for this post.