US Survey Finds Greater Risk Management Engagement in Delivering Value

Senior executives and risk professionals are more aligned than ever on their views of the role that risk management should play in strategic planning, according to a survey published jointly by risk advisory and insurance broking group Marsh and the US Risk Management Society (RIMS). However, the findings also suggest the strategic value that risk professionals can deliver may not be fully tapped.

The 10th annual ‘Excellence in Risk Management’ survey, issued at the recent RIMS 2013 annual conference and exhibition in Los Angeles, also found that 52% of the highest level or ‘c-suite’ executives and 47% of risk professionals responding to the survey agreed that the top reason why risk management is included in strategic planning and executive activities is to identify and assess risks arising from the strategic plan.

Additionally, 46% of c-suite and 40% of risk professional respondents agree that the function should provide strategic risk input to the strategic planning process. However, despite the role for risk management only 15% of the risk professionals and 20% of c-suite respondents said the risk manager is a full member of the strategic planning and/or execution teams, suggesting that risk management has yet to be fully integrated strategically.

“This general move toward risk professionals adding more value to organisations’ strategic decisions is encouraging,” said Carol Fox, director of the strategic and enterprise risk practice at RIMS. “Yet, there is still much room for growth, and gaps remain between what senior leaders and risk professionals expect from the risk function in its delivery of strategic value.”

The report notes that building organisational risk capabilities through education, providing greater risk input into strategic planning/execution, and establishing key risk indicators (KRIs) to guide the overall risk framework within their organizations are desired by c-suite executives.

One way to achieve this is through the use of data and analytics, which risk professionals and senior leaders ranked as the number one and number three focus areas, respectively, for developing risk management capabilities in 2013, the report found. Seventy-four per cent of respondents said their organisations need to conduct an analysis on their risk-related data.

“Data analysis of key risk, financial, and performance indicators that will support the organisation’s overall risk strategy will help risk professionals close the gap between being an insurance cost centre and a strategic thought centre,” said Marsh’s director of client engagement Yvette Connor.

Other findings from the survey include:

  • The top risks for 2013 reflect shifting priorities as political, regulatory, and environmental conditions changed over the past year. C-suite executives ranked business disruption as the biggest risk for 2013, while risk managers cited economic conditions as their top risk. In 2012, c-suite executives and risk professionals ranked economic conditions and legal or regulatory shifts as their top risk.
  • Risks related to data security and privacy breaches ranked 12th for risk professionals and only 26th among c-suite respondents, while exposure to technology and systems failures ranked 16th and 18th respectively. Marsh described the findings as “somewhat surprising given the coverage the topic has received in the media and other venues including the Davos World Economic Forum [WEF].”
  • Eighty per cent of c-suite respondents and 75% of risk professionals say they do not aggregate risks at the portfolio level, demonstrating an immediate opportunity for risk managers to coordinate information into a portfolio view.

The survey was compiled from online responses received in February 2013 from more than 1,200 risk managers, c-suite executives, and others involved in risk-related functions. Those responding to the survey were from public and private companies (39% each), non-profit organisations (12%) and the government (10%).


Related reading