The changing face of risk management - includes related article on information sources for internal auditors and information technology planning
Internal Auditor, Oct, 1998
Corporate Governance Sparks Debate...Workplace Violence on the Rise...How to Become a CEO...IT Projects Arrive Late and Over-budget...
The nature of corporate risk is shifting rapidly, along with the methods for managing it. Only a decade ago, businesses relied on insurance policies to offset risks. In today's environment, more companies favor prevention, making sure things don't go wrong in the first place.
Many of the world's largest international organizations are instituting corporate "risk cultures" that focus proactively on risk management instead of defensively on insurance. A key element is a company-wide risk awareness and prevention program that empowers employees to head off adverse events and take advantage of opportunities.
More organizations are also pushing the responsibility for risk management downward. Companies such as British Petroleum, the U.K.'s largest oil producer, expect every employee, from the CEO to the mailroom clerk, to serve as a "risk manager." At a Xerox, Ltd. plant in the U.K., restroom mirrors remind employees, "You are looking at your safety manager."
Even the primary focus of risk management activities has shifted. Any possible source of uncertainty is now treated as a risk that might need managing. This "holistic" approach addresses all potential risk exposures to a company, from legal, political, and regulatory issues, to shareholder relations, the effects of competition, and management competence. It encompasses health and safety, product development, staff fraud, and company reputation, as well as the purely financial aspects of running a business.
To stay in step with these new approaches, internal auditors must recalibrate their own risk concepts and activities. "The paradigm for internal auditing has changed," notes David McNamee, President of Management Control Concepts in Walnut Creek, California. "We've moved, or should be moving, from control-focused auditing, which considers the reaction to risk, to risk-focused auditing, which seeks to evaluate the management of risk."
Internal auditors must also broaden their definition of risk to match that of the organization. "Internal auditing's risk assessment process has been primarily a number crunching game of assigning weights and scores to determine which area possesses the greatest level of operational risk," adds Peter Jackson, Director of Criteria of Control (CoCo) for the Canadian Institute of Chartered Accountants. "Some risks facing organizations today, however, cannot be measured. Internal auditors must expand their efforts to ensure that these often-overlooked risks are addressed."
The profound changes occurring in the science of risk management can be traced in part to the increasingly high stakes of mismanagement, especially for senior management and the board, who are expected to take a much more active role than was previously necessary. For example, the British government has introduced a "corporate killing" offense designed to punish directors when their failure to rectify unsafe practices results in death. In addition, regulators worldwide have made it clear that executives not actively involved in contingency planning for the switch to the Euro and the year 2000 date change will be held responsible for ensuing losses.
Shareholder pressure is another factor. Organizational success or disaster rests squarely on management's ability to handle risk effectively, and shareholders are watching. Legal protection of whistleblowers, established in the U.S. and close to acceptance in the U.K., increases the chance that customers and stockholders will learn of abuses. Even Germany, traditionally a bastion of corporate secrecy, has seen companies become more accountable to the outside world as they seek access to international capital markets.
Some organizations, such as the Association of Insurance and Risk Managers in the U.K., have gone so far as to suggest that a risk management policy statement be included in the annual reports and accounts of public companies. Any actual or perceived failure by senior management to be involved in the risk minimization process will likely be regarded as a breach of fiduciary duty.
Demanding environments place even greater onus on internal auditors. "The world is a much more unforgiving place than it was even five years ago," explains Roger Davis, Head of Professional Affairs for PricewaterhouseCoopers U.K. "Capital markets in particular are less forgiving of companies, of managements, and of boards who stumble into mistakes and control failures that result in significant losses. As a result, the board and senior management are going to be much more demanding of internal auditors. Assurance regarding financial controls is no longer their only priority. They want assurance that organizational risks have been properly evaluated and addressed."
Corporate Governance Strides and Setbacks
To help ensure growth in their companies, boards of large public corporations and those of entrepreneurial, small, and mid-sized organizations are placing increased emphasis on corporate governance issues. According to the findings of a Grant Thornton survey, more U.S. companies are creating nominating, compensation, and governance committees.