Managing Risk in a Tsunami of Complexity
The uncertain financial times of the past few years have had a major effect on companies operate these days. Companies that used to operate effortlessly with the help of forecasts and projections now resist making business decisions that are set in stone and as a result companies have a new focus: to manage risk.
Managing risk is as important and difficult as it has always been. New Global research commissioned by Loudhouse for SAP reveals that today’s complex business environment severely challenges companies.
The survey of 1000+ executives with responsibility for governance, risk and compliance (GRC) in their organizations found increasing risk and regulation complexity is now the biggest pressure on organizations’ GRC functions.
There is no real business opportunity without risk. Yet according to the research, companies are dropping the ball. In simple terms, the way to balance risk and opportunity is to look at both as two sides of the same coin. Obviously one is looking for the opportunity side to be bigger than the risk side. Great entrepreneurs have learned how to realistically assess and manage both sides of the coin in the following business opportunity and risk categories.
SAP’s research findings reveal that one in ten organizations are fully satisfied that they have adequate GRC tools, technologies and processes in place. Similarly, only one in ten are fully satisfied these tools, technologies and processes will keep pace with future growth. As a result, companies are ill prepared and may get nailed for lax controls.
While the research reveals different levels of preparedness among companies, the message from GRC professionals is clear: companies are not managing risk properly and should prepare for black swans, meaning an incident that occurs randomly and unexpectedly, and has a major effect on operations. Black swans may be game-changing, but they are not all that rare and businesses can mitigate against them with GRC tools, technologies and processes. The consequences of delay are serious.
GRC specialists face serious internal pressures to cut costs and prove effectiveness. Within, GRC professionals have to stay on top of changing business environments that introduce a range of operational risks such as employees, third party relationships, mergers & acquisitions, processes, strategy, and technology.
At the same time, GRC technology and processes can only work if it is respected within the company. It should become a key part of business processes and thinking, helping the firm achieve its business goals.
Regulatory environments in all industries are a constant shifting sea of requirements at local, regional, and international levels. The turbulence of thousands of changing laws, regulations, enforcement actions, administrative decisions, rule making and more has organizations struggling to stay afloat. 81% of GRC professionals surveyed say risk and regulation has become more complex in the last five years and without the right GRC tools and mythologies, businesses will be inadequately protected from risk. Read the full report here.