2022 OnRisk Report

Page 10

SIGNIFICANT GAP IN RELEVANCE AND CAPABILITY RATINGS ON SEVERAL RISKS While some ratings variation among individual respondent groups was expected, an analysis of the combined ratings for the three respondent groups uncoveredadditionalinsights.Theanalysisidentifiedlargegapsbetweenhigher risk relevance and lower organizational capability in several areas. This RelevanceCapabilityGapeflect r spotentiallysignificantriskmanagementvulnerabilites. Chief among these is Cybersecurity, which continues to exasperate organizations largeandsmall,publicandprivate,fo-prr ofitandnoprofit.Thisubiquitosand dynamic risk was rated as the most relevant by respondents, along with Talent Management(Figuer 3).Yet,onaverage,gan or izationalcapabilityagged significan.Lartly gedisparitesalsoarenotedforTalentManagement,Disruptive Inovation,e, Cultr DataPrivacy,andEconomicandPolitcalVolat. ilty

“As we have witnessed with the pipeline hack this year, these cybersecurity attacks can have a huge trickle-down effect. All industries are susceptible to cybersecurity risk to some extent.” – Board, Manufacturing

Fortheserisks,theelr ationshipbetweenelr evanceandcapabilityvaries.highellyr evantriskmaybeemor difficultomanage because it is unpredictable and not easily controllable, due to, for example, external factors that may augment risk velocity. This appearstobethecasefoee rth ofthesixriskswithelargestdisparites:Cybersecu,rity DisruptiveInovation,andEconomic andPolitcalVolat.Howevilty er,forTalentManagement,e, Cultr andDataPrivacy—risksthatcanbemanagedinternaloughlythr coolsntr andprocesses—thegapsmayeflect r emor uncertaintycomingoutfthepandemicratherthanalackofcool.ntr Figure 3:

AVERAGE RATINGS PER RISK AREA Percentage who gave a rating of 6 or 7 on a scale of 1 to 7 PERSONAL KNOWLEDGE

Note: OnRisk 2022interviewquestions:Howknledgeableareyouabouteachofthefolowingrisks?elHowr evantareeachofthefolowingriskstoyur cuenr gan tor ization?Overall,howcapableisyourcompanywhenitcomestohandlingenterprisewiderisk?Respondentscouldchosearatingfromascale of1to7,with1beingthelowest(“notatall”)and7beingthehighest(“extr

emely”).espo lr ndents.

ORGANIZATIONAL CAPABILITY

RISK RELEVANCE

n=90.

www.theiia.org 10

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

Supply Chain Disruption

1min
page 41

Social Sustainability

1min
page 40

Environmental Sustainability

2min
pages 42-44

Disruptive Innovation

1min
page 39

Supplier and Vendor Management

1min
page 38

Change in Regulatory Environment

1min
page 37

Economic and Political Volatility

1min
page 36

Culture

1min
page 35

Data Privacy

0
pages 33-34

Organizational Governance

1min
page 32

Talent Management

1min
page 31

Cybersecurity

1min
page 30

The Risks

0
pages 28-29

Risk Stages Model

2min
pages 26-27

How to Use This Report

2min
page 25

Senior executives and boards desire broader scope for internal audit services

5min
pages 18-19

Methodology

1min
page 24

Perceptions of risk relevance vary greatly across ESG components

3min
pages 14-15

Pandemic revealed opportunities to improve organizational risk management

2min
pages 16-17

Insights and Actions – C-suite

1min
page 22

Insights and Actions – Board

1min
pages 20-21

Insights and Actions – CAEs

1min
page 23

Top Risks, 2022

3min
page 5

Introduction

1min
page 3

Key Observations Explained

0
page 7

several risks

1min
page 10

The OnRisk Approach

1min
page 4

Key Observations

1min
page 6

Notable variations in capability and relevance for certain risks

2min
pages 8-9
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.