Two cybersecurity myths putting your business at risk from hackers
The wrong attitudes towards risk and complexity could leave you open to attack.
Organizations already have a lot of C-level executives, do they really need another one? A new report from consulting form Deloitte makes the case for appointing a chief risk officer (CRO) to oversee risk management.
Also: Cyber security: Your boss doesn’t care and that’s not OK
As part of its research, the firm surveyed 500 senior executives in the US, including 100 with the title of CRO or equivalent, 100 not primarily responsible for risk, and 300 in risk-related functions such as IT and operational risk.
More than 90% of the survey respondents think risk management is becoming more important to achieving their organization’s strategic goals. Given its importance, the study said, it makes sense to have risk management present in key C-suite and board meetings. Risk management functions include such areas as regulatory compliance and cyber security.
Only 38% of the responding CROs and risk managers said they have a great deal of input to C-suite or board decisions, however. Appointing a true CRO to the C-suite recognizes that risk is a senior-level concern, the report said.
The survey results led to four key findings, according to Deloitte. One is that organizations that invest in risk management — and specifically link risk management to the attainment of the most important strategic and financial goals — typically achieve higher relative growth.
Organizations with highly integrated risk programs integrated across the enterprise are seeing value from risk management, the report said. Such organizations typically exceed profitability targets more often and achieve higher growth than those companies with less integrated programs, which might struggle to realize value and achieve desired outcomes.
A second key finding is that risk management has become elevated and more strategic in most organizations. Most executive teams grasp the importance of risk management in the attainment of corporate goals and the value of more strategic approaches, the study noted. In addition, CROs are pursuing more strategic roles in the organization.
Another main finding is that the case for appointing a CRO or equivalent executive who reports to the C-suite or board is strong. Those organizations that give risk management a seat at the table at C-suite and board meetings are more likely to have high-performing programs.
Related Topics:
Data Management
CXO
Digital Transformation
Tech Industry
Smart Cities
Cloud