The uncertain financial times of the past few years have had a major effect on how companies operate these days. Companies that used to operate effortlessly with the help of forecasts and projections now resist making business decisions that are set in stone, and as a result companies have a new focus: managing risk.
Managing risk is as important and difficult as it has always been. New Global Research commissioned by Loudhouse for SAP reveals that today’s complex business environment severely challenges companies.
The survey of 1000+ executives with responsibility for governance, risk, and compliance (GRC) in their organizations found that increasing risk and regulation complexity is now the biggest challenge on organizations’ GRC functions.
There is no real business opportunity without risk. Yet according to the research, companies are dropping the ball. In simple terms, the way to balance risk and opportunity is to look at both as two sides of the same coin. Obviously one is looking for the opportunity side to be bigger than the risk side. Great entrepreneurs have learned how to realistically assess and manage both sides of the coin in the following business opportunity and risk categories.
SAP’s research findings reveal that one in ten organizations are fully satisfied that they have adequate GRC tools, technologies, and processes in place. Similarly, only one in ten are fully satisfied these tools, technologies, and processes will keep pace with future growth. As a result, companies are ill-prepared and may get nailed for lax controls.
While the research reveals different levels of preparedness among companies, the message from GRC professionals is clear: Companies are not managing risk properly and should prepare for black swans, or incidents that occur randomly and unexpectedly and have a major effect on operations. Black swans may be game-changing, but they are not all that rare, and businesses can mitigate against them with GRC tools, technologies, and processes. The consequences of delay are serious.
GRC specialists face serious internal pressures to cut costs and prove effectiveness. Within every organization, GRC professionals must stay on top of changing business environments that introduce a range of operational risks, such as employees, third-party relationships, mergers & acquisitions, processes, strategy, and technology.
At the same time, GRC technology and processes can work only if they are respected within the company. GRC should become a key part of business processes and thinking, helping the firm achieve its business goals.
Regulatory environments in all industries create a constantly shifting sea of requirements at local, regional, and international levels. The turbulence of thousands of changing laws, regulations, enforcement actions, administrative decisions, rule-making, and more has organizations struggling to stay afloat. A full 81% of GRC professionals surveyed say risk and regulation has become more complex in the last five years, and without the right GRC tools and mythologies, businesses will be inadequately protected from risk. Read the full report here.