New Forrester study looks at the state of enterprise risk management
- Published: Monday, 13 March 2023 10:46
Dataminr has released details of a commissioned study conducted by Forrester Consulting to evaluate the state of enterprise risk management at midsize to large enterprises across industries in the North America, Europe, and APAC regions.
Forrester surveyed 500 risk leaders to inform the study, titled ‘Constant Disruption Is The New Status Quo’, and found that organizations encounter significant organizational, strategic, and technological barriers on their way to implementing an effective ERM strategy. The study also found that nearly 70 percent of respondents said their organizations experienced at least two separate critical risk events in the past year, while over 40 percent experienced at least three, and nearly 20 percent suffered six or more incidents.
The survey found that 70 percent of respondents believed that optimized, real-time alerting would have helped them significantly or totally reduced the harm of the most serious or disruptive events their organization faced last year. At this time, 56 percent of respondents indicated they don't have real-time alerting solutions in place today, but 62 percent plan to implement or expand their use of such tools, and 54 percent plan to increase investment over the next 12 months.
The research identified four key findings:
- Many risk leaders are taking too narrow a view of the systemic risks their organizations face. Business risk will become more, not less, complicated to manage in the future, and fewer than a third of risk leaders completely agree that risks to their business can come from anywhere.
- Risk strategies have significantly advanced over the past few years, but still have a long way to go. Just 36 percent of respondents have a C-suite champion leading risk management today.
- Cyber security and real-time alerting capabilities will be a major area of focus going forward. Respondents were most likely to cite cyber risk tools and real-time alerting capabilities as the most critical features their next risk management platform must include.
- Successful ERM implementations are driven by aligned leadership, vision and technology. Organizations with highly effective ERM strategies were 27 percent more likely to have a C-suite leader for ERM, compared to those from lower-maturity organizations. C-suite champions are empowered to work across organizational silos and to coordinate with other business leaders within the organization.
In addition to the above key takeaways, the survey also found that only 18 percent of respondents reported that their current ERM strategies are effective or very effective across all five capabilities surveyed, including identifying, evaluating, monitoring, responding to, and communicating about risk.
Forrester completed the study in Q3 2022. Participants were decision makers in physical security and security operations, cyber/information security, business continuity, human resources and employee experience, corporate communications, and supply chain roles. Questions focused on how organizations navigate risk strategies, technologies and workflows.