Extended enterprise risk management responsibility moves to the boardroom

Published: Friday, 20 September 2019 07:52

According to a Deloitte extended enterprise risk management (EERM) survey, as better management of third party risk has been viewed as a transformation opportunity, boards and senior leadership have grown to have ultimate responsibility for EERM in more than three-quarters of respondent organizations. However, just over half (53 percent) of respondents to Deloitte's survey want a more coordinated and consistent approach to EERM across organizational functions.

Other key findings from the survey included:

Leadership wants better engagement, better coordination and smarter use of data

Third party risk management was viewed as an operational rather than a board or top leadership issue for decades. As better management of EERM has been viewed as a transformation opportunity, boards and senior leadership have grown to have ultimate responsibility for EERM in more than three-quarters of respondent organizations. This starts with better engagement and coordination within the business, encompassing organizational units, geographies, risk domains and subject matter experts.
As the survey revealed, boards and executive leadership now retain ultimate responsibility for EERM in most organizations.

Who ultimately has responsibility for third-party risk management?

More details.