You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Dm STRATEGY: RISK MANAGEMENT<br />
We are all risk managers<br />
Global executives are evolving their approach to risk, says<br />
Sue Trombley, Managing Director of Thought Leadership,<br />
Iron Mountain, examining who is responsible for risk<br />
management and how they can adopt solutions that<br />
protect all parts of the organisation<br />
Risk management is not a new topic,<br />
especially for records and information<br />
leaders. Risk and cost reduction have<br />
been strategic and operational objectives in<br />
organisations for decades. But given<br />
heightened and complex disruptions over<br />
the past three years, executives are taking a<br />
new look at how to identify, anticipate, and<br />
manage risk. New research provides a<br />
message that is loud and clear: senior<br />
executives must lead from the top to ensure<br />
that all employees are "risk literate" - because<br />
everyone is a risk manager.<br />
EXAMINING PERCEPTIONS<br />
A recent global study sponsored by Iron<br />
Mountain and conducted by Economist<br />
Impact (the research arm of the popular<br />
weekly newspaper The Economist) surveyed<br />
more than 650 executives from around the<br />
world and across both private and public<br />
sectors. The study examined these leaders'<br />
perceptions of risk, how it has changed<br />
since 2020, and how they have adjusted<br />
their strategies to protect their most<br />
significant vulnerabilities.<br />
An overwhelming 90% of respondents say<br />
they have increased the importance they<br />
assign to identifying risk since 2020. And<br />
80% are now more sensitive to indicators<br />
that could have an impact on their<br />
reputation, giving nearly equal consideration<br />
to operational, environmental,<br />
technological, and workforce indicators.<br />
The study also found that 77% of<br />
executives agree that risk management<br />
spans the entire organisation, yet over half<br />
admit that they need to improve crossfunctional<br />
collaboration and only 46% have<br />
invested in the creation of enterprise-wide<br />
risk management teams. Only 36% report<br />
integrating risk management into their<br />
overall strategy or placing decision-making<br />
as a priority feature of their risk<br />
management system.<br />
Other research highlights include:<br />
76% of respondents say technology is a<br />
much more important risk factor than it<br />
was three years ago<br />
Only 29% have clear policies around risk<br />
management and only 22% have clear<br />
accountability for risk management<br />
86% say their organisation needs more<br />
continued support from management<br />
73% say there's a lack of standardised<br />
evaluation to measure risk<br />
Over 63% aren't relying on or thinking<br />
about third-party contracts, vendors,<br />
and supply chain partners for risk<br />
management, failing to establish a riskaware<br />
chain of custody for their records<br />
and information storage<br />
86% of executives say they need better<br />
assessment and awareness of how<br />
climate change impacts risk.<br />
Risk has always been present, but this<br />
research confirms that risk management<br />
must evolve from a siloed function to an<br />
integrated and active part of an<br />
organisation's culture.<br />
Risk awareness and management are the<br />
responsibility of an entire enterprise,<br />
including its vendors and partners. Going<br />
beyond the singular role of risk manager or<br />
risk officer, risk management is an effort that<br />
requires an interdisciplinary, interconnected<br />
approach that creates a rigorous framework<br />
for anticipating and mitigating risk.<br />
EVERYONE IS RESPONSIBLE<br />
When asked "Who is responsible for risk<br />
management in your organisation?" survey<br />
respondents identified a range of roles from<br />
CEO to the head of IT, showing a lack of<br />
consensus. Because risk identification and<br />
management are happening on the ground<br />
in day-to-day activities, it's important to<br />
equip everyone to be a risk manager and<br />
continually promote collaboration.<br />
A strong indicator of effective risk<br />
awareness is representation by key<br />
stakeholders, yet only 4% of surveyed<br />
executives report having a risk management<br />
committee that is directly responsible for<br />
driving risk management. Such a<br />
committee creates the scaffolding needed<br />
to build a comprehensive, cross-functional<br />
team dedicated not only to informed<br />
26 @<strong>DM</strong>MagAndAwards <strong>Sep</strong>tember/<strong>Oct</strong>ober <strong>2023</strong> www.document-manager.com