Boardroom PR—thanks to execs’ sketchy reporting, corporate boards may be blind to risks

by | Oct 29, 2019 | Public Relations

Corporate board members may have greater confidence in their organizations’ ability to manage key risks than management actually does—and as a result, boards are significantly overconfident when it comes to addressing the thorniest issues facing their organizations, according to eye-opening new research from The Institute of Internal Auditors (IIA).

And what’s the reason for the skewed sense of security on a variety of risks, ranging from data protection and new technology to culture and sustainability? The new IIA report asserts that boards may be receiving incomplete or misleading information from management, which is then compounded by members’ failure to ask critical questions.

Boardroom PR—thanks to execs’ sketchy info, corporate boards may be blind to risks

The study, OnRisk 2020: A Guide to Understanding, Aligning, and Optimizing Risk, provides a comprehensive view of organizational risk from those who manage it. Through quantitative and qualitative surveys, this first-of-its-kind report lays out how each group perceives and communicates key risks—and provides important benchmarking to help organizations align and enhance their risk management strategies and execution.

Organizational risk capability—board and C-suite perceptions:

Boardroom PR—thanks to execs’ sketchy info, corporate boards may be blind to risks

Among the report’s key findings:

A suspect gap between management’s views and management’s reporting

There is a critical misalignment between how executive management views an organization’s capability to manage risks and what is communicated to boards, leading to board members believing risks are better managed than they are.

Board members’ expectations are too low

A perception of “acceptable misalignment” on risk—some respondents believe some misalignment is to be expected—is prevalent.

Poor approach to risk management

Some industries are lagging in adopting a systematic approach to risk management. These include healthcare and retail/wholesale, as well as the public/municipal sector.

Boardroom PR—thanks to execs’ sketchy info, corporate boards may be blind to risks

Some risks are subject to greater reporting gaps

Among 11 key risks reviewed in the report, cybersecurity and data management and new technology are especially susceptible to critical knowledge deficits.

Some risks are expected to be greater threats

Data management/collection and new technology, data ethics, and sustainability risks are expected to grow in relevance in the next five years.

Boardroom PR—thanks to execs’ sketchy info, corporate boards may be blind to risks

“Acceptable misalignment on risk is a risk itself that’s shortsighted and simply unacceptable,” said Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA, IIA President and CEO, in a news release. “The burden is on management to provide the board with an accurate picture of risks that may negatively impact the organization as well as those that present opportunities. But board members also must seek out informed and objective assurance on the information they receive, and internal audit is uniquely positioned to provide that truly independent and enterprise-wide perspective.”

The inaugural OnRisk report is a significant step in collecting stakeholder perspectives on risk and risk management in support of good governance and organizational success. The combination of quantitative and qualitative research provides a robust look at 11 top risks facing organizations and allows for both objective data analysis and subjective insights based on responses from risk management leaders.

Organizational capability for 11 risks plotted on the Risk Stages model:

Boardroom PR—thanks to execs’ sketchy info, corporate boards may be blind to risks

Risk stages are Recognize (r), Explore (e), Develop (d), Maintain (m).

“It is vital for organizations to not only develop strategies to address risks, but to have an added layer of assurance that examines the effectiveness of the risk strategy and its components,” Chambers said. “No single report provided a holistic view of risk based on the perspectives of the three key players in risk management—until now.”

Read the complete report here.

The qualitative survey is based on 90 in-depth interviews with professionals in North American boardrooms, C-suites, and internal audit functions. The quantitative survey involved more than 600 internal audit leaders, primarily chief audit executives.

Richard Carufel
Richard Carufel is editor of Bulldog Reporter and the Daily ’Dog, one of the web’s leading sources of PR and marketing communications news and opinions. He has been reporting on the PR and communications industry for over 17 years, and has interviewed hundreds of journalists and PR industry leaders. Reach him at richard.carufel@bulldogreporter.com; @BulldogReporter


7 benefits of building authentic relationships with influencers

7 benefits of building authentic relationships with influencers

In today's digital landscape, influencer marketing stands as a formidable tool for brands aiming to reach target audiences and build brand awareness. However, just investing in popular influencers isn't enough. Consumers are looking for authenticity and can easily...

Maximizing the impact of influencer marketing on consumer behavior

Maximizing the impact of influencer marketing on consumer behavior

Influencer marketing has emerged as a pivotal strategy in modern digital advertising, leveraging the popularity and authority of individuals with large followings on social media platforms to promote products and services. Unlike traditional celebrity endorsements,...