• About us
  • Raising The Bar
  • Risk Committees
  • Team
  • Events
  • Blog
  • Contact
  • Menu

The Risk Coalition

  • About us
  • Raising The Bar
  • Risk Committees
  • Team
  • Events
  • Blog
  • Contact

Risk in Focus - what's on the risk radar?

November 12, 2021

Whilst the rollout of vaccines across the developed world and the reopening of economies means that many of us are getting “back to normal”, the coronavirus pandemic continues to have deep impacts on businesses and all risk professionals need to adapt to a fast-changing risk landscape. 

Unsurprisingly, the Chartered Institute of Internal Auditors’ Risk in Focus annual thought-leadership research piece – a barometer of what chief audit executives (CAEs) and other risk professional across Europe consider to be the top risks facing their organisations – has very much been shaped by the pandemic. As a result, the research revealed new key areas of concerns that should be on all internal audit leaders’ radars. A prominent example is the increase in the priority of ESG risks such as human capital, diversity and talent management.  Almost half (40%) of CAEs listed this as a top five risk, which we interpret as a knock-on impact of the workplace disruption caused by the ongoing pandemic, including changes to working patterns and expectations of what work means. 

Risks currently faced by organisations - Risk in Focus 2022

Risk in Focus 2022 also sees supply chains, outsourcing and ‘nth’ party risk becoming an increasing concern whose effects we see reflected in the world around us. The news today notes chronic shortages of HGV drivers, soaring gas prices, empty petrol pumps and a lack of C02 causing gaps on supermarket shelves. Certainly, we continue to witness the fallout from the pandemic which destabilised operations and labour, disrupted supply and demand, and undermined previously sound business models to an extent few would have thought possible. 

But perhaps one of the most striking finding is the growing importance of climate change and environmental sustainability. This has been steadily rising up the agenda, with a 41% increase in the number of CAEs who view it as a top five risk, putting it in the top ten for the first time. Despite this, 7 in 10 (69%) CAEs still don’t consider it a ‘top five’ risk to their organisation, and just one in 10 (12%) of internal audit teams surveyed has said they are prioritising spending significant time and effort preparing for the ‘existential risk’ of climate change. 

These findings are especially poignant as we watch the COP26 conference unfold in Glasgow, and we urge internal audit functions to begin devoting attention to this risk if they have not done so already.

Once again, cybersecurity and data security took the top spot on the list of key risks. 82% of CAEs said this was amongst their top five risks, putting it ahead of any other risk type. Not only that, 34% of CAEs said this was their single biggest risk. This coincides with a material increase in cybercrime over the course of the pandemic, as criminals have sought to exploit the security weaknesses exposed by operational disruptions.

As well as the current risks, we asked CAEs what their priorities will be in the years to come. With new threats and challenges rising up the agenda, risk professionals must be alert to the changing landscape as they make their audit plans for the following year.  This makes Risk in Focus 2022 a vital point of reference for all risk professionals, not just in Europe but globally.

Risks expected to be faced in three years’ time by organisations - Risk in Focus 2022

 

Sophie Malleson is the Senior Policy and External Affairs Executive at the Chartered IIA (UK and Ireland) and the project lead for Risk in Focus. Here she outlines the key findings of Risk in Focus 2022 which shows how the risk landscape has been affected by the coronavirus pandemic.

About Risk in Focus

Risk in Focus is a forward-looking thought-leadership piece that highlights emerging risks and challenges that help audit functions develop their plans for the year ahead. 

  • research was conducted in March and April of 2021.  Data was collected through a quantitative survey among CAE members of 12 Institutes of Internal Auditors in Austria, Belgium, France, Germany, Greece, Italy, Luxembourg, the Netherlands, Spain, Sweden, Switzerland and the UK & Ireland. The survey elicited 738 responses.

  • Further insight was gathered through 50 interviews with a sample of 35 Chief Audit Executives, 12 Audit Committee Chairs and 3 CEOs from across the above listed countries.

About the Chartered Institute of Internal Auditors

The Chartered IIA represents around 10,000 internal audit professionals in organisations spanning all sectors of the economy, across the UK and Ireland. It champions the contribution internal audit makes to good corporate governance, strong risk management and a rigorous control environment leading to the long-term success of organisations, including those in the public sector.

Tags: Sophie Malleson
Prev / Next

Blog

Featured
Sep 4, 2024
Polly Williams, Mia Harris
Three key threats of phishing to be aware of
Sep 4, 2024
Polly Williams, Mia Harris
Sep 4, 2024
Polly Williams, Mia Harris
Aug 25, 2024
Felix Ritchie
Principles versus rules in data and corporate governance
Aug 25, 2024
Felix Ritchie
Aug 25, 2024
Felix Ritchie
Jul 16, 2024
Jane Hunter, Mia Harris
How can you maintain high standards in your business without suffering burnout?
Jul 16, 2024
Jane Hunter, Mia Harris
Jul 16, 2024
Jane Hunter, Mia Harris
Jun 2, 2024
Afshan Moeed
Enforcement of individual accountability in UK banking: a new boardroom recipe for change or continuity?
Jun 2, 2024
Afshan Moeed
Jun 2, 2024
Afshan Moeed
May 28, 2024
Craig Morris, Mia Harris
Three exciting new developments for AI in 2024 that you need to know about
May 28, 2024
Craig Morris, Mia Harris
May 28, 2024
Craig Morris, Mia Harris
May 24, 2024
Stefan Hunziker
The stuff of nightmares: risk management is shut down, and nobody notices
May 24, 2024
Stefan Hunziker
May 24, 2024
Stefan Hunziker
Mar 20, 2024
Neil Tinegate
What should boards know about digital technology?
Mar 20, 2024
Neil Tinegate
Mar 20, 2024
Neil Tinegate
Mar 15, 2024
Francis Kean
The insolvency risk for company directors - are you swimming naked?
Mar 15, 2024
Francis Kean
Mar 15, 2024
Francis Kean
Feb 29, 2024
Andy Watkins-Child
Are you sitting comfortably?  Cyber risk, board attestations and the implications for NEDs
Feb 29, 2024
Andy Watkins-Child
Feb 29, 2024
Andy Watkins-Child
Oct 24, 2023
Mamun Madaser
Risk management and internal audit should collaborate to navigate the poly-crisis of risk
Oct 24, 2023
Mamun Madaser
Oct 24, 2023
Mamun Madaser
Oct 18, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 2
Oct 18, 2023
Jim Watson
Oct 18, 2023
Jim Watson
Oct 13, 2023
Nisha Sanghani
Risk management and internal controls: much (needed) work to do as a result of the proposed changes to the UK Corporate Governance Code
Oct 13, 2023
Nisha Sanghani
Oct 13, 2023
Nisha Sanghani
Oct 9, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 1
Oct 9, 2023
Jim Watson
Oct 9, 2023
Jim Watson
Sep 25, 2023
Chris Burt
The implications of the revised UK Corporate Governance Code
Sep 25, 2023
Chris Burt
Sep 25, 2023
Chris Burt
Sep 13, 2023
Andrew Cunningham
Financial regulators take aim at crypto-finance
Sep 13, 2023
Andrew Cunningham
Sep 13, 2023
Andrew Cunningham