Most firms understand that robust enterprise risk management (ERM) will not only improve risk management; it will also help them to measure risk more accurately and develop a more sustainable business model. However, while simple in theory, ERM can be fiendishly difficult in practice.
Over the past decade, risk management has grown in sophistication. Most companies have invested in the structures, systems, and people that will allow them to manage risk and make strategic, risk-aware decisions on an enterprise-wide basis. Despite these investments, many firms continue to find ERM extremely challenging. Although they have a clear goal to become a risk-enabled enterprise, few understand the steps that they need to take in order to make that transition.
Findings from the Chartis survey conducted for this report highlight some of the challenges that firms face:
- Only 41% of respondents say that they have a well-formulated and communicated ERM process with sponsorship from the board of directors.
- Companies recognize that they need to strengthen organizational structure and processes to develop more effective ERM.
- From a people and culture perspective, there are two clear priorities: aligning incentives and behaviors, and engaging the front office in risk management.
- Respondents rank IT security as the number one priority for improvement, above risk data aggregation and reporting and risk assessments. This shows that technology is a source of risk, as well as an enabler of ERM.
- The key challenges that are preventing firms from achieving a more effective ERM program are enterprise level monitoring, model management, defining the risk appetite, and aligning risk and finance.
In this report, IBM as well as Chartis, outline the challenges that companies currently face in becoming risk-enabled enterprises, and introduce a number of strategic initiatives that can be applied as enablers of ERM. The results of the survey, as well as Chartis’s in-depth follow-up interviews, suggest that these strategic initiatives should include the following:
- Model risk management
- Enterprise-level stress testing
- Conduct risk management
- Risk-based performance management
Download this report today where both IBM and Chartis set out the research road map comprising a number of strategic initiatives and how they can enable a company’s transformation into a risk-enabled enterprise. The two-year study and report will include a series of surveys, eliciting input from risk, compliance, and technology practitioners, as well as key stakeholders from business lines.