Most Companies Lack Strong Risk Oversight Protocols, Finds Report

The worldwide economic crisis has put a spotlight on corporate risk, but a large percentage of companies around the globe do not have strong risk oversight protocols, according to a joint research report by CIMA (the Chartered Institute of Management Accountants) and the AICPA (the American Institute of Certified Public Accountants).

 

In a survey of U.S. CPA executives, 84% of respondents rated their company's risk oversight process as ranging from ‘very immature’ to ‘moderately mature’.  Sixty-one percent of global executives offered a similar assessment of their organisation's enterprise risk management in a separate survey.

 

"While the report reveals that companies are more cognisant of risk, they are still falling significantly short in instituting risk management processes," said Carol Scott, AICPA vice president for business, industry and government. "The financial crisis underscored the potential consequences for companies that have lax risk oversight."

 

Forty-five percent of the US respondents said their companies had no enterprise-wide risk management process in place and no plans for implementing one. This compares with 37% of the global respondents who reported the same situation in their organisations. A majority of both of US (60%) and of global (75%) respondents said the volume and complexity of risk are greater than they were five years ago. However, less than half of both groups (40% of US and 47% of global respondents) described their organisation as being ‘risk averse’.

 

"The report findings clearly show that organisations need to start putting processes in place to deal with the perceived increase in the complexity and volume of risk. As the events during the last few years show, companies can’t take a ‘head in the sand’ approach to risk management or simply hope for the best," says Charles Tilley, chief executive of CIMA.

 

More U.S. organisations (65%) formally assign the responsibility for risk oversight to the audit committee than do global organisations (57%). Some of the difference is ‘likely attributable’ to differences in board governance structures that exist around the world, according to the report.

 

The report shows that the U.S. falls behind the rest of the world in risk management training. While two thirds (67%) of global respondents said there was minimal or no training in this area, 78% of U.S. executives surveyed offered the same response.

 

 

MORE ARTICLES ON RISK MANAGEMENT

Read more on

Suggested Articles

Some of you might have already been aware of the news that Questex—with the aim to focus on event business—will shut down permanently all media brands in Asia…

Some advice for transitioning into an advisory role

Global risks are intensifying but the collective will to tackle them appears to be lacking. Check out this report for areas of concern