Skip to main content
ERM Frameworks and Best Practices

2024 Global State of Risk Oversight: Managing the Rapidly Evolving Landscape

7th Edition, October 2024

cover fo 2024 global risk oversight

The ERM Initiative, in partnership with the AICPA & CIMA, is pleased to provide its 2024 Global State of Risk Oversight Report that provides insights about the state of risk oversight practices in organizations around the globe.

This report contains data from 623 executives around the world reflecting the nature of risk management practices at a global level, with specific reporting of information across four separate geographic regions:

  • Europe and the U.K.
  • Asia & Australasia
  • Africa & the Middle East
  • United States

Overarching Realities about the State of Risk Oversight

The report expands upon a number of important insights about the overall level of maturity and effectiveness of risk oversight processes within organizations around the world in 2024.

Key risk management themes include:

  • Uncertainties abound that can introduce highly complex risks that can interconnect to create significant, and sometimes catastrophic, events to manage.
  • Business leaders may not be sufficiently investing in their organization’s approach to risk oversight.
  • There continues to be a struggle to link risk oversight with strategic implementation.
  • Organizations are now pinpointing an individual to lead the organization’s risk management process in about one-half of the organizations surveyed, suggesting greater recognition that leadership is needed if risk oversight is to be value adding.
  • Boards of directors are placing greater expectations on senior executives to be more engaged in risk management activities.
  • While many organizations have implemented fundamental elements of an effective risk oversight process, there are large percentages of organizations that are lacking some of the basic risk identification components.

ERM Benchmarking Data

This Global State of Risk Oversight report provides extensive data from entities around the world about a number of risk management processes.  The report includes data that organizations can use to gain insights from 623 organizations about the following:

  • How do executives around the world view the riskiness of the global business environment?
  • What is the state of risk oversight maturity and how robust are underlying processes? What percentage of organizations embrace “ERM” as an approach to risk management?
  • What is the intersection of risk management and strategy, and to what extent are risk insights being used to inform strategic decisions?
  • How common is it for organizations to appoint a chief risk officer or to create a risk committee?
  • What is the board’s approach to fulfilling its risk oversight responsibilities?
  • What are the common elements of an organization’s risk management processes? To what extent do organizations have formal processes for identifying, assessing, and monitoring risks?

ERM Diagnostic Questions

The report contains a number of suggested discussion topics that executives and boards of directors can use to engage in conversations about the effectiveness of their organization’s approach to risk management. An example of questions related to the linkage of risk management and strategy are shown in the chart shown here.

SUGGESTED TOPICS FOR BOARD AND MANAGEMENT DISCUSSION

  1. To what extent is our organisation’s risk management process providing helpful insights for making important strategic decision
  1. What types of risks (financial, operational, compliance, strategic, other) dominate C-Suite and Board of Director risk discussions? Is sufficient time given to external issues related to strategic issues, such as emerging technologies, competitor moves, unexpected entrants to the industry and other market issues?
  1. To what extent does our organisation’s approach to strategic planning, business plan development, and budgeting explicitly request insights about risks addressed or potentially created by those plans and requests?
  1. When senior executives and the Board of Directors engage in strategic planning discussions, what kinds of risk insights, if any, are they requesting the ERM function to share?
  1. How are differences in risk conditions considered when senior executives
    make budgeting and capital allocation decisions?

For each topic noted above, the report includes five unique questions that may help spur robust discussion about opportunities to enhance risk oversight in their organization.

  1. Engage in conversations about risk management.
  2. Identify opportunities to integrate risk management with strategy.
  3. Pinpoint enterprise-level risk leaders to serve as risk champion.
  4. Enhance fundamental risk management infrastructure.
  5. Dialogue with the board about emerging risks.

Looking for additional ERM resources?  Be sure to visit our ERM Resource center section of our website and take advantage of our ERM Executive Education opportunities.