Академический Документы
Профессиональный Документы
Культура Документы
Risk Value
We believe the answer to these
challenges can be found by
carefully considering how to
balance risk, cost and value
across the enterprise.
Cost
Over the past 12 months how has risk increased or decreased for your organization in the following
risk areas?
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
Significant Significant
Increase No change Decrease
increase decrease
How significant are the benefits that your risk and control activities currently provide your organization?
Improved compliance
14 43 31 10 2
with regulations
Overall improved
business performance 9 48 36 6 1
Protection of existing 11
13 43 31 11
business value
Better decision-making 16 38 32 12 11
Reduced costs 10 43 35 11 1
Increased process 10 39 36 13 11
efficiencies
Positive influence on 14 34 32 14 4 2
investor confidence
Enhancements of associated 12 35 39 11 21
process controls
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
More than ever, organizations need to have a comprehensive and • Sixty-seven percent had overlapping coverage with two or more
coordinated risk management approach with strong executive risk functions.
oversight and board of director governance. Risk management • Fifty percent reported gaps in coverage between risk functions.
groups within an organization often exist in silos that may be
Compliance/regulatory 88
Internal audit 86
Internal control 86
Insurance/risk management 85
Treasury risk 79
Hedging risk 52
Other 2
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
1 Ernst & Young (November 2007), Strategic Business Risk 2008: the top 10 risks for business
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
These results are not surprising; it is common for organizations to This has an impact on both the governance oversight and the
have complex risk management efforts that are often not well business itself. In this situation, there commonly are multiple
coordinated. A typical organization’s current-state risk functions communications to management and the board, and these
might look something like the diagram below. communications may overlap or cause confusion. Toward the
bottom of the diagram, we also see the impact on the business
In many organizations, numerous risk, control and compliance
itself represented by the multiple lines from the risk, control and
activities commonly exist. These activities, depicted by the silos in
compliance functions to the various business units. These demands
the center of the diagram, are often fragmented, independent or
for information and complex communications can result in
misaligned. This is reflected by the multiple lines of communication
increased costs and fatigue on the business.
in the diagram.
In a situation such as this, the opportunity to improve is significant.
Do you plan to commit more resources to strengthen your risk management capabilities in the next 12 to
24 months?
Future state
Board oversight
Audit Compensation Risk Other
committee committee committees committees
Executive management
CEO CFO CRO General Council
Current state
control
log
hno
m nd
l a ory
lia
an Ris
Info
ag k ga lat
nc
em e
L gu
e
en re
Internal Risk Internal Information Legal and External
t
Compliance
audit management control technology regulatory audit
Internal External
audit audit
Business
unit
Business
unit
Business
unit
Business
unit
Aligned mandate and scope
Ź Do we understand the risks that Ź Are we focused on the risks Ź Are the risks we take aligned to
our company faces? that matter? our business strategies and
objectives?
Ź Do we know our key risks? Ź Do we have duplicative or
overlapping risk functions? Ź Are we getting the right return on
Ź Do we have effective risk
our risk investment?
reporting for executive Ź Are we leveraging automated
management and the board? controls versus manual controls? Ź Are we getting process
improvement ideas?
Ź Are we accepting the right level Ź Do we have the right mix of skills
of risk? at the right cost? Ź Are we taking the right risks to
achieve competitive advantage?
Ź Do we know if our risks are being Ź Have we optimized the use of
properly managed? technology to manage risk? Ź Is risk management slowing me
down or helping me go faster?
Ź Do we have a comprehensive risk Ź Can we use alternative sourcing
framework in place? strategies to reduce costs?
Head of department/Manager 10
Board member 6
$1b to $5b 70
$5b to $10b 9
$10b or more 12
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
0% 5% 10% 15%
Europe 39
Asia Pacific 29
Americas 21
www.ey.com