Uncertain economic conditions and pervasive, damaging cyberthreats did not prevent regulation from remaining the most worrisome risk for organizations, a new survey shows.
For the fourth straight year, regulatory change and heightened scrutiny was ranked as the No. 1 risk by board members and executives in global survey results announced Tuesday by consulting firm Protiviti and the North Carolina State University Enterprise Risk Management Initiative.
The survey polled 250 respondents in the United States and 285 outside the United States about the impact of 27 risk issues facing their organizations. The most pervasive risks, along with the percentage of respondents who said the risks will have “significant impact” in their organization in the next year, were:
- Regulatory changes and scrutiny, 60%.
- Economic conditions, 60%.
- Cyberthreats, 57%.
- Privacy/identity management and information security, 53%.
- Succession challenges and ability to attract and retain top talent, 52%.
- Rapid speed of disruptive innovations and new technologies, 51%.
- Volatility in global financial markets and currencies, 50%.
- Resistance to change operations, 49%.
- Sustaining customer loyalty and retention, 46%.
- Organization’s culture may not encourage timely identification and escalation of issues, 45%.
Regulatory changes and scrutiny rated slightly higher on the risk scale than economic conditions because of a higher percentage of “potential impact” ratings.
New to the top 10 list were the rapid speed of disruptive innovations and new technologies, and volatility in global financial markets and currencies. Exiting the top 10 were two 2015 top-10 risks: concern over the ability to manage an unexpected crisis that could affect reputation, and the ability to meet performance expectations relative to competitors.
Mark Beasley, CPA, director of N.C. State’s ERM Initiative, said executive team members see the next 12 months as riskier than board members do.
“These findings suggest there is a strong need for discussion and dialogue between management and the board to ensure the organization is focused on the right emerging risk exposures,” Beasley said in a news release.
—Ken Tysiac (firstname.lastname@example.org) is a JofA editorial director.