Thought Leadership in Action

All organizations encounter risk. But how they handle those risks—and the price they pay —can make the difference between an organization that prospers and progresses and one that barely hangs on. Whether they are in a private company or a public institution, executives are trusted with helping their organizations become and stay competitive. And capably managing the risks their organizations face is part of fulfilling that charge.

Leaders need a thorough grasp of risk management and the total cost of risk. They need to understand how to not only deal with risk when it occurs but also try to prevent it from happening. And do both in the most cost-effective manner possible.

Part of risk assessment and prevention is studying the known and the potential risk factors that may affect an organization, studying the environment outside an organization, networking with peers and then putting together some predictive models.

In the fifth annual survey of corporate board members and executive leaders conducted by Protiviti and the Enterprise Risk Management (ERM) Initiative at North Carolina State University's Poole College of Management, ten risks rose above the rest.

Dr. Mark Beasley, Deloitte Professor of Enterprise Risk Management and NC State ERM Initiative director stated, “Our survey results support a shift we’ve seen in the focus of board members and c-suite executives towards risks associated with international and domestic economic conditions, regulatory scrutiny and cyber threats.”

Here are those top 10 risks named in this annual risk survey. Also included are the percentages of respondents who pinpointed the risk as having a “Significant Impact” on their organization.

1. Economic conditions in markets we currently serve may significantly restrict growth opportunities for our organization. (72%)
2. Regulatory changes and regulatory scrutiny may heighten, noticeably affecting the manner in which our products or services will be produced or delivered. (66%)
3. Rapid speed of disruptive innovations and/or new technologies within the industry may outpace our organization’s ability to compete and/or manage the risk appropriately, without making significant changes to our business model. (63%)
4. Our organization may not be sufficiently prepared to manage cyber threats that have the potential to significantly disrupt core operations and/or damage our brand. (60%)
5. Ensuring privacy/identity management and information security/system protection may require significant resources for us. (57%)
6. Sustaining customer loyalty and retention may be increasingly difficult due to evolving customer preferences and/or demographic shifts in our existing customer base. (57%)
7. Our organization’s culture may not sufficiently encourage the timely identification and escalation of risk issues that have the potential to significantly affect our core operations and achievement of strategic objectives. (5%)
8. Our organization’s succession challenges and ability to attract and retain top talent may limit our ability to achieve operational targets. (55%)
9. Resistance to change may restrict our organization from making necessary adjustments to the business model and core operations. (54%)
10. Anticipated volatility in global financial markets and currencies may create significantly challenging issues for our organization to address. (53%)

Risk is an extraordinarily complex and challenging issue. The only way to duck risk is to close your doors, pack up your bags and go home. But while that’s not an option, preparing for them is.