Although risk managers are taking on more strategic roles in their organizations, a disconnect still exists in many organizations between how risk managers and senior leaders view the role of risk management, according to a new survey published by Marsh and RIMS.
An overwhelming majority of risk managers and C-suite executives responding to the ninth annual Excellence in Risk Management study agreed that expectations of the risk management function have increased in recent years. Yet the two groups differed in their views on whether the role should be primarily defensive or anticipatory.
C-suite respondents increasingly expect risk managers to be more involved in their organization’s overall business strategic planning efforts and to lead enterprise risk management activities. However, when asked about the C-suite’s increased expectations, most risk managers believed their priorities to be integrating more deeply with operations, providing better quantification and analysis on risk management, and executing daily activities more efficiently.
“The C-suite clearly is telling the risk manager to grab hold of strategic risk management,” said Brian Elowe, a managing director in Marsh’s Global Risk Management Division. “Risk managers who are not seizing this opportunity should assess the resources they need to help meet management expectations.”
The report also found that C-suite respondents and risk managers had differing views on the strategic value of total cost of risk (TCOR) measurements. Sixty-eight percent of risk managers said that they use TCOR measurements, but many C-suite respondents did not seem to be aware of this: 51 percent said that their companies do not measure TCOR. Even in firms where C-suite respondents understand that TCOR is being measured, they show little awareness of what goes into the calculation, an indication of the relatively low value they place on it.
”Measurements such as total cost of risk can bring certain value to risk management budgeting and benchmarking, but they do not necessarily give senior leaders the strategic view of risk they are seeking,” said Nowell Seaman, Manager of Risk Management and Insurance at the University of Saskatchewan and a member of the RIMS Board of Directors. “Organizations are better served when risk managers engage in strategy planning and strategy execution efforts by developing a formal strategic risk management framework, and consolidating the disparate emerging risk communication channels that already exist in organizations.”
Other significant findings from the survey include:
- More than one-third of respondents said that the economic downturn led to an increase in the use of analytics in risk management. An almost equal number said the downturn increased their companies’ focus on risk volatility, an important measure of how divergent actual losses may be from expected losses.
- The presence of broad-based risk committees at companies held steady at just over 60 percent in 2012, after showing a steep rise between 2010 and 2011. About 40 percent of respondents at companies without a cross-functional risk committee say their organizations should create such committees.
- Among respondents whose organizations were affected by a natural catastrophe in 2011, 75 percent said their company will re-examine its approach to a number of risk management areas. More than two-thirds of those respondents say that they have already done so.