Risk Remains a Key Focus for Directors
Risk Remains a Key Focus for Directors
Most directors (56.1%) believe risk is increasing in today’s business environment, with 74.5% of directors saying their boards are spending more time discussing risk management than they were two years ago.
The second biennial Directors’ Risk Survey by Marsh and the Institute of Directors (IoD), designed to gauge directors’ views on a wide range of risk issues, says technological disruption, reputational risk, and the time spent on risk oversight remain a key focus for directors.
IoD Chief Executive Simon Arcus says times have changed and it is encouraging going into a New Year that risk remains a common conversation at the board table. “Management of risk – is critical to a board providing strategic leadership and creating value. Risks change and evolve and the need to stay current is emphasised by this report” Arcus says. “Technology is an integral part of business capability and boards need to take responsibility to be able to lead in this new era.”
Technological disruption continues to be a prominent business risk, with cyber-risk emerging as a key external risk for the first time. Most directors are confident that they could handle a major IT disruption with 90.6% saying they have a procedure in place to manage, although just 19.4% can manage data loss and even more 35.2% are not able to keep up with technological advances.
Marsh Executive Director, Steve Walsh, says the ranking of cyber risk in this year’s survey to the second highest organisational risk, shows how things have changed in 24 months. “Technology is such a critical part of any organisation’s operation that it can be very detrimental if it fails or if you can’t keep up with the competition.” He goes on to say that boards must address technology issues as part of their regular risk reviews. “Any organisation that doesn’t have strategies in place to deal with these issues, such as cyber, is leaving themselves hugely exposed.”
Mr Arcus says cybersecurity and digital strategy were on the minds of directors in an unprecedented way. “Most businesses use or rely on technology to operate – cyber risk is a reality of our times – so the ability of boards to consider it as part of enterprise risk is critical in ensuring directors are confident about business resilience.”
Directors perception of their own personal risks only decreased slightly on 2013 results with reputational risk 61.3% (62% in 2013), being held personally liable for a legislative breach at 39.2% (42% in 2013) and loss of personal assess if called to account at 38.1% (42% in 2013).
Directors still remained worried Directors’ and Officers’ Liability Insurance may not respond in the event where a claim is needed to be made. Directors also worry about what’s in a policy and whether they have sufficient cover.
Mr Walsh says, “It is interesting to note that in a two year period these results have only shifted marginally – an individual’s reputation is still considered to be paramount. I do find this result surprising – especially in light of the incoming health and safety changes. The failure of directors to conform to the new legislation could see directors face huge penalties. As a director myself I’m taking this very seriously.”
Directors saw corporate governance requirements as the biggest emerging risk over the next 24 months. Other emerging risks included identify fraud/theft, environmental issues and business continuity.
ENDS