Risk operations are reporting at a higher organizational level these days; fewer are reporting to the CFO. In Deloitte’s Global Risk Management Survey published in 2013, 71 percent of CROs reported directly to the CEO. Companies know that they need better visibility into their global risks so that they can make more informed strategic decisions. At the same time, a 2013 Accenture Study showed that there’s a significant gap between the importance of the risk management function to achieving company goals and the risk management operation’s actual capabilities.
But reporting structure doesn’t tell the whole story. Some risk managers are adding more value than others. They’re the ones that are managing risk both offensively and defensively, enabling the C-suite to predict as well as respond. They do that by making sense of data (lots of it), aligning it with organizational priorities, and reporting it when it is most actionable. Data discovery, management, and analysis tools can enable risk managers to proactively manage risk, adding value beyond what’s been possible in the past.
This proactivity is especially important because of the new types of risks companies are grappling with. IT and reputational risks are fast moving—companies must be constantly alert and agile to adequately address them. Keeping up with the pace and reach of social media, while not easy, has become an essential element of risk containment. The dynamic nature of emerging threats and the scale of their impact are a complete mismatch with traditional manual reporting techniques and historical snapshots.
There’s a massive amount of data out there to sift through to be able to present a coherent picture of a company’s risk terrain. Some of it is irrelevant (noise), some is key, and others might be important if correlated properly. Executives and board members need risk managers to distill the data and explain how it impacts various parts of the organization. Reporting must be accurate, relevant, and clearly presented. That capability is immensely valuable and situates risk managers in the boardroom much more frequently than once per quarter.
There’s increasing discussion in the risk management industry about Big Data and the Internet of Things. We at ClearSight are talking about them too, as they hold so much promise as the foundation for dynamic risk management. An important focus for us is helping risk managers extract value from all that data through mining, aggregation, advanced analytics, and graphical reporting. Our next-generation risk management platform is being developed with a sharp focus on the value potential of the technology-equipped risk manager. Stay tuned!