THE ONRISK APPROACH The OnRisk approach is grounded in an innovative methodology that uniquely brings together the perspectives of the major stakeholders in organizational governance — the board, executive management, and chief audit executives. Alignment of these stakeholders’ views on personal knowledge, organizational capability, andriskelr evanceisasignificantsteptowardachievingstongr riskmanagementinsupportofeffectivegovernance. Themethodologyemploysqualitativeinterviewsof30boardmembers,30C-suiteexecutives,and30CEsfrom90 different organizations. The research provides a robust look at risks facing organizations and allows for both objective data analysis and subjective insights based on responses from risk management leaders. Collective ratings for each group are assigned a value based on the percentage of respondents who rate particular aspectsofeachriskata6or7ona7-pointscale.Forexample,if7in10boardmembersratedtheigan ro izations’ riskmanagementcapabilityondataprivacyata6or7,thescor ewouldbe70%. Further details regarding the OnRisk methodology, how to use and leverage this report, and explanations of the Stages of Risk developed in conjunction with the OnRisk approach can be found later in this report.
www.theiia.org 04
