Resolver Blog

Incident Management Governance Risk Compliance
September 24, 2013

Obstacles to Better Risk Management are Largely Internal

Written by Joe Crampton

Most companies are doing an effective job of tightening up their risk management efforts and responding to the growing number of operational, strategic and regulatory threats they face on a seemingly daily basis. However, if you asked most enterprises whether they could do better, many would say they could. A recent report from ACL suggests the reason these companies don’t do better may be due to the lack of internal resources.

According to the study, a lack of budget, IT support and knowledge about new risk assessment and internal audit software makes it difficult for companies to do everything within their power to shore up corporate defense from fraud, and account errors and operational waste. This is why a number of companies are focused so heavily on internal risk exposures – they don’t have the tools in place to fully mitigate these threats. The ACL study found that 66 percent of organizations are focused on internal risk exposures.

“Nearly 55 percent of respondents indicated that their GRC platform is comprised of a multitude of different solutions scattered across the organization,” the report noted, illustrating how the lack of consolidated technologies is a real threat. “Only 15 percent of organizations are using a single, unified technology platform to manage GRC processes.”

No Funding Impedes Technology Implementation
Furthermore, nearly half of respondents (49 percent) said their organizations are more at risk because they aren’t using new technologies and consolidating their risk management tools. The lack of funds devoted to risk management processes is a leading cause of this, suggesting that companies still aren’t properly supporting their risk management programs.

As few as 14 percent of respondents said they were satisfied with their current GRC platform, which further illustrates the lack of funding and how it can potentially impede risk management efforts. In fact, 29 percent were so dissatisfied with their technology that they would switch vendors for better integration.

Businesses face a growing number of threats on a daily basis, yet they are increasingly finding themselves unprepared to deal with these risks. Better use of risk management solutions may help firms create more efficient risk management strategies and improve their ability to respond to threats.