While businesses around the world are facing increased risks, the business changes companies are undertaking to address market shifts are creating “capability gaps” in risk management, according to a new report from PricewaterhouseCoopers L.L.P.
In response, according to the 2014 “Risk in Review: Re-evaluating How Your Company Addresses Risk” report, companies are focusing on creating a risk-aware culture, developing processes to continuously identify and monitor risks and conducting more nonfinancial audits.
PwC's survey of executives worldwide found 75% reporting that the risks their businesses face are increasing. Asked to identify the external factors that will have the greatest effect on their organization over the next 18 months, 58% said technological change and information technology risks, 56% said increasing regulatory complexity and scrutiny, and 50% said changing customer needs and behavior.
In terms of the areas representing the largest capability gaps for their companies, 26% identified fragmented risk data and analysis, 24% said risks from business transformation, and 23% said cyber risks, including weak links in IT security systems.
Other capability gaps the executives identified included emerging risks, cited by 20%, and operational risks and third-party risks, each mentioned by 18% of those surveyed.
As they look to close those capability gaps and better position themselves to address nontraditional risks, 84% said that over the next 18 months they plan to create a risk-aware culture by making risk management a priority for people at all levels of the organization.
Other changes planned over the next 18 months include: 82% reporting they plan to develop processes to continuously identify and monitor risks; 79% saying their companies will conduct more nonfinancial audits; and 79% saying they plan to integrate risk and business strategies.
Conducted in the fall of 2013, the survey polled 1,940 executives in 37 countries. The PwC report, released Wednesday, can be found here.