Views & Analysis
Many executives believe that the manufacturing sector is vulnerable to emerging and dynamic cyber risks, given the industry’s pace of technology change due to innovations in shop floor automation and connected products, according to a study by Deloitte and The Manufacturers Alliance for Productivity and Innovation (MAPI). Learn about escalation frameworks and the type of leadership and talent that are needed to address cyber risks effectively, as well as questions boards can ask to determine how cyber risks are being detected, managed and mitigated.
For the travel, hospitality and leisure sector, external shocks—such as terrorist attacks and the Zika epidemic—are impacting consumer travel decisions and reshaping their travel preferences. At the same time, the sector is increasingly vulnerable to internal risks such as food safety and cybersecurity. Understand how risk management in the sector is being balanced with the need to innovate, and what boards of directors are doing to become more engaged in risk oversight.
The anti-bribery management standards issued by the Geneva-based International Organization for Standardization (ISO) provide automotive companies, as well as global organizations in other sectors, with new guidance and tools that could potentially help mitigate the risks and costs of noncompliance with anti-bribery laws. Learn about the global nature of the new ISO guidance, as well as other considerations for any organization considering incorporating it into their ethics and compliance program.
Boards and C-suite executives overwhelmingly see risk as having an important role in value creation, but just 17% of respondents say they are actively using risk to drive returns, according to a new global survey from Deloitte. The survey also found that senior stakeholders want chief risk officers to spend significantly more time playing the strategist role, with a majority of respondents saying their risk officers should participate more in setting the strategic direction of the company and aligning risk management strategies accordingly.
Traditionally, internal audit (IA) has focused on providing assurance with respect to known risks and the effectiveness of controls in mitigating those risks. Regulators, however, are increasingly interested in an organization’s ability to identify blind spots and other vulnerabilities that may undermine the integrity of the risk management environment, including the risk of misconduct. IA functions can play a pivotal role by substantively testing culture and identifying potential risk-related outliers that may not be visible via other means, such as supervisory frameworks, escalations, compliance assessment and testing, and previous audits.
Identifying and managing strategic risks can be a difficult task. To add to the challenge, many companies have traditionally separated their risk and strategy functions and think of risk as more of a compliance responsibility rather than a dynamic tool for value creation, business performance management and growth. However, companies that align strategy and risk can be better served to allow for a process of “strategic resiliency,” which involves anticipating, knowing and acting on risks when introducing or executing new strategies as a way of increasing the chances of success in spite of uncertainty.