Organisations should focus on developing stronger digital skills and capacity in their risk function in order to make more informed decisions about risk in a technology-driven world, according to the eighth edition of PwC’s Risk In Review study.
The 2019 study has found that while many organisations have already embraced new technology as part of their internal audit, risk and compliance functions they are yet to fully realise the potential benefits of using the insights to inform decisions over investment in digital transformation.
PwC’s study focuses on identifying what categories help top-performing ‘digitally fit’ risk functions stand out both in terms of their ability to strategically advise stakeholders on risk and assurance, as well as the risk function’s own ability to adapt and embed new processes required by digital transformation.
The six habits of risk functions that fuel smarter risk-taking are:
- Go all-in on the organisation’s digital plan
- Upskill and inject new talent to move at the speed of the organisation
- Find the right fit for emerging technologies
- Enable the organisation to act on risks in real time
- Actively engage decision makers of key digital initiatives
- Collaborate and align to provide a consolidated view of risks
PwC surveyed more than 2,000 CEOs, senior executives, board members, and professionals in risk management, compliance and internal audit, and interviewed dozens of executives and board members to explore what differentiates risk functions when it comes to digital transformation.
Shirley Machaba, PwC Africa Goverance, Risk and Internal Audit Leader says: “Risk professionals are at a critical point in time. Organisations are rapidly rolling out new digital initiatives in an arena defined by more data, more automation, sophisticated cyberattacks, and constantly evolving customer expectations.
“While many technology risks are not new, the stakes are now much higher as digital rollouts heighten risks beyond the technology itself. Emerging technologies are not only impacting the pace of change and the risk landscape, but also the role that internal audit plays in the organisation.”
Being more precise and predictive in important in an information-poor world. Only 22% of chief executives who responded to PwC’s 22nd annual CEO Survey called the risk exposure data they receive comprehensive enough for long-term decision-making – the same figure as ten years ago. This should indicate that risk functions are not harnessing the power of abundant data available.
Machaba goes on to add: “Our study shows that when risk functions are digitally fit, the benefits an organisation receives multiply in the forms of faster progress and greater-than anticipated payoffs on digital technology investments, and smarter risk taking.”
The study identifies the key components of an organisation’s ‘digital fitness’ as:
- Having in place the skills and competencies to strategically advise stakeholders on risk and provide assurance over the organisation’s digital initiatives
- Changing the risk function’s own processes, tools, and services so they’re more data driven and digitally enabled to anticipate risk events and respond to them at the pace and scale the organisation’s digital transformation requires
Machaba says: “Organisations with more-digitally-fit risk functions are seeing greater benefits from their digital initiatives, including more-effective management of transformation risk and more payoff than expected against planned outcomes, such as improved customer experience and increased revenue growth.
“Risk professionals need to consider investing more in time and resources to become digitally fit – they will ultimately reap the rewards of such investments.”