Global risk leader at Ernst & Young, Gerry Dixon, attributed this to the commonly isolated and divergent objectives and starting points of the different risk management functions. "[They] often exist in silos that are disconnected from one another and the wider business strategy," he said. "As a result, risks identified in one area may not be communicated or recognised by another. Moreover, different areas within an organisation may have different views on the severity or importance of certain risks."
As such, Ernst & Young executives have put forward the case for the enterprisewide alignment of risk and control activities as the key to delivering improved risk coverage, as well as the decreased costs and increased value of risk functions. This effort, they said in a statement, should include "having an aligned mandate and scope, coordinated infrastructure and people, consistent methods and practices and common information and technology."
And they should do so immediately, Dixon advised. "Leading companies are creating a competitive advantage by using the economic downturn as an opportunity to make practical yet valuable improvements to the way risk is managed," he said. "More than ever, organisations need to have a comprehensive and coordinated risk management approach with strong executive oversight and board of director governance. The opportunity to make those changes is now."
Sign up for Computerworld eNewsletters.