IT Risk Tops List of Concerns for Board Members

A recent survey of Public Company Audit Committee Board Members about risk highlights the desire to focus more heavily on Information Technology (“IT”) related risks. This is not surprising given that technological innovation continues at a rapid pace while it is also increasingly impacting every key facet of business today. The survey, conducted by the National Association of Corporate Directors and sponsored by KPMG, uncovered the following common board-level views about IT and other risk areas.

  • They are not satisfied that their oversight of various IT risks is effective, or that the company’s strategic planning process deals effectively with the pace of technology change and innovation.
  • The one person they would most like to hear from more frequently is the CIO.
  • They want to spend more time with the CRO and mid-level management/business-unit leaders; and few are satisfied that they hear dissenting views about the company’s risks and control environment, or rate their company’s crisis response plan as “robust and ready to go.”
  • The audit committee is devoting significant agenda time to legal/regulatory compliance risk, with the Foreign Corrupt Practices Act (FCPA), UK Bribery Act, and impact of the SEC’s whistleblower “bounty” program of particular concern.

An integrated, enterprise-wide risk program is the key to addressing these items in a holistic and practical way.  If your company has not implemented such a program, meeting the demands of the board will be challenging.


Understanding the 2011 Top Global Risks

Earlier this year, the World Economic Forum established a Risk Response Network (“RRN”) to facilitate dialogue among global leaders about the most important risks impacting our environment and economy. Kevin Steinberg, Chief Operating Officer, World Economic Forum USA, and Head of the Risk Response Network provided the following thoughts on the goals of the RRN. “Throughout the extreme shocks of recent years, both public and private sector leaders have been struggling to avoid collapse and keep the economy afloat. The World Economic Forum is launching the Risk Response Network: an umbrella of projects and initiatives all designed to help global leaders better understand, prepare for and respond to risk.”

With the launch of this new initiative, the World Economic Forum published a report on the most critical global risks that must be addressed in 2011. This report draws upon a risk perception survey of 580 global leaders, 18 risk analysis workshops and 50 risk expert consultations resulting in an assessment of 37 global risks. The resulting analysis is very intriguing and represents a true opportunity to begin addressing risks in a more proactive manner.