Now, more than ever before, a spotlight is being shone on enterprise risk management (ERM) and boards are calling for ERM data to make informed decisions. The focus on enterprise risk management highlights the approach that leaders are taking to risk, wanting in-depth oversight with clear reporting on all aspects of an organisation.
Why are boards focussing on ERM data?
Taking risks is a fundamental aspect of running a business, but in the current landscape, especially in South Africa, it often feels like every decision carries its own set of unexpected challenges. The prevalence of emerging risks, both those we can anticipate and those that catch us off guard, is significant. It’s no wonder that boards are dedicating more time than ever to navigating these issues in our unique environment.
Recently, the Diligent Institute and Corporate Board Member conducted a survey for the Director Confidence Index, and the findings are essential for risk management professionals who want to understand what boards are seeking. In fact, more than three-quarters (77 per cent) of the directors surveyed reported that their full board is having regular discussions about new risks and their implications for the company. Additionally, nearly half of the respondents indicated that they are discussing enterprise risk management (ERM) more frequently now than in previous years.
Board action on ERM
The growing importance of enterprise risk management to the board is evident, so much so that 56 percent say they have formalised enterprise risk oversight in governing documents (including charters). This is a trend that aligns with other research out of the Diligent Institute.
“This is a growing trend, even when it comes to matters such as ESG for instance,” says Dottie Schindlinger, executive director of the Diligent Institute. “In our recent Sustainability in the Spotlight report, we found that of the directors who had changed their company’s ESG oversight in the last year, about a third (30 per cent) had formalised oversight in governing documents.”
Meanwhile, only about a quarter (27 per cent) of our respondents said they had created a dedicated risk committee outside of audit despite increased activity around risk in the boardroom and despite the fact that the audit committee’s remit has been expanding significantly in recent years.
For now, ERM and the reporting of ERM data remains anchored in the audit committee for most boards, though 42 per cent of those surveyed said if they could improve their board’s oversight of risk, they would bring the ERM conversation out of the committee to the full board more frequently.
Where can board oversight of ERM improve?
The role of ERM data in board discussions
The desire to involve the full board in deeper-dive conversations isn’t entirely new. In Diligent’s recent What Directors Think survey, conducted in partnership with Corporate Board Member and BDO USA, they found only 17 per cent of directors believe the delegation of such issues to a committee or working group could improve a board’s ability to oversee company risk.
Nevertheless, directors in general feel confident in their organisation’s enterprise risk management plan, rating it a 6.6 out of 10 in terms of maturity level – slightly above average, inching toward “Mature” according to our 10-point scale. In addition, base these insights on their ERM data.
To get higher up on the scale, directors say there’s one element they need: better benchmarking ERM data (45 per cent). This is not all that surprising considering that only a quarter of respondents said their board had incorporated new ERM data or solutions into risk oversight in recent years.
“The risk oversight landscape has changed drastically in the past few years, and companies’ ERM programs have matured as a result,” said Schindlinger. “As that happens, the data and insights available to the board needs to reflect this evolution. Directors are voicing an acute need: they need the right technology to surface information about enterprise risk to help them make informed decisions.”
What does this mean for risk management professionals?
The response of board members to the expanding risk landscape is crystal clear: more and more boards are taking action in the form of increased oversight. More attention on risk means that risk professionals from CROs to Risk Managers to Junior Risk Officers are going to feel the pressure – if they haven’t already. But with the right tools and a strategic plan, ERM can become a strategic advantage.
Discover the best solution for Enterprise Risk Management by downloading our free buyer’s guide here.