This marks the tenth year that Marsh and RIMS have produced the Excellence in Risk Management survey. Much has changed in the world of business and risk management over that time, but one thing has held true: Risk professionals continue to add great value to the organizations they serve.
The specifics of the roles they play vary greatly from company to company, but in general we have seen a move toward risk managers adding more value to organizations’ strategic decisions. Of course, there is still much room for growth, and gaps remain between what senior leaders and risk professionals expect from the risk function in its delivery of strategic value.
The 2013 Excellence in Risk Management survey gathered the views of more than 1,200 risk professionals worldwide, top executives, and others. Among the key findings:
- Risk management is in an evolutionary period. One of the characteristics of this time is a call for a more relevant central risk function, one that helps to better unlock the strategic role of risk management.
- Risk managers, in order to play more of a strategic role, need to “connect the dots” in their organizations and understand how priorities are set and how action steps are determined at upper levels of leadership. Building organizational risk capabilities through education, providing greater risk input into strategic planning/execution and establishing key risk indicators (KRIs) to guide the overall risk framework within their organizations are desired by the C-Suite.
- Eighty percent of C-Suite respondents and 75% of risk professionals said they do not aggregate risks at the portfolio level. The overwhelming “No” demonstrates an immediate opportunity: Risk management can deliver great value by coordinating information into a portfolio view.
- “Improve the use of data and analytics” was respondents top choice regarding focus areas for developing their organizations’ risk management capabilities, risk professionals this year chose. Overall, 74% of respondents said their organizations need to conduct deeper analysis on their risk-related data.
- Risk professionals and C-Suite executives said that identifying and assessing risks arising from the strategic plan is the top reason why risk management is included in strategic planning and execution activities. The C-Suite perspective clearly indicates a desire for risk management to add meaningful strategic value and effectively engage throughout the strategic workflow. This includes leading the risk identification and risk quantification to better inform organizational strategy.
- There is a significant gap in the definition of “value” between the C-Suite and risk professionals, as seen by responses to questions around key performance measurements. For example, the transactional (risk transfer) response is highly valued by risk professionals, and yet falls very low on the list for C-Suite respondents.
- When it comes to planning for the next catastrophe, risk professionals seem to be more strategically focused on enterprise-wide impacts than the C-Suite, which is still showing concern for the fundamental insurance coverage question. However, the coverage question suggests a keen interest in ensuring alignment between insurance contracts purchased and the value of financial benefits they should reliably deliver.
- The top risks for 2013 reflect shifting priorities as political, regulatory, and environmental conditions changed over the past year.