Two-thirds of large enterprises (revenues over $5 billion) have encountered material risk events in the last three years. Almost half of those were not prepared for the event. Only half of the survey participants have any formal risk management program.

The report, published by IBM, indicates that CFOs have trouble prioritizing risk and ranked almost all risks equally as “very important.” They also may be missing some important strategic imperatives: Two agenda items that the CFOs ranked lowest in importance – managing/mitigating enterprise risk and driving integration of information across the enterprise – are key differentiators for outperformers in revenue and stock price growth. 

Overview of Study Findings

This CFO survey was conducted by IBM’s Global Business Services division, in cooperation with The Wharton School and the Economist Intelligence Unit.  The team posed 34 questions to more than 1,200 CFOs and senior-level finance professionals in five major sectors and across 79 countries.  The purpose of the survey was to determine the state of risk events within organizations surrounding the world, and the status of current management processes to address risk events.

Key findings include the following:


  • Sixty-two percent of enterprises surveyed with revenues over $5 billion (U.S. dollars) encountered a material risk event in the last three years.
  • Of those, 42 percent admitted to not being well prepared for the event.
  • Forty-six percent of enterprises surveyed with revenues under $5 billion (U.S. dollars) had a major risk event and 39 percent were not well prepared.
  • Risks arise from many activities beyond financial related risk drivers.  Eighty-five percent of risk types that led to a company’s market capitalization decline of 30 percent or more were non-financial in nature.
  • The most frequently mentioned risks (32 percent of respondents) related to strategic risks, which are risks related to markets, customers, products, M&A activity, and other business topics.
  • Geopolitical and environmental/health risks were also more prevalent than financial risks.
  • Only about 52 percent of all surveyed acknowledged having any sort of formalized risk management program.
  • CFO’s have difficulty prioritizing risks – nearly every finance activity in the survey was categorized as “very important.”  But, there were gaps as wide as 38 percent regarding how effective they were at tackling those activities.
  • Only 42 percent of respondents do historic comparisons to avoid risks and only 32 percent set specified risk thresholds, with only 29 percent creating risk-adjusted forecasts and plans.
  • The study identified two major differentiators for financial outperformance:
    • Increased effectiveness in driving integration of information across the enterprise
  • Increased effectiveness in supporting, managing, and mitigating enterprise risk


The Integrated Finance Organization

The authors’ interviews and statistical analyses assisted them in understanding what characteristics information integration across an enterprise should possess. They consider these components part of good governance and what they call the, “Integrated Finance Organization” or “IFO.”

IFOs help to drive integration of information across the organization.  Analysis shows that common data definitions, a standard chart of accounts, and standard common practices enterprise wide are strongly correlated to increased effectiveness at driving integration of information.  Thus, globally mandated standards for all finance operations across the enterprise can be a critical success factors and IFOs help provide that leadership. 

The survey finds that enterprises with IFOs had revenue growth rates nearly double that of their industry peers. IFOs are often more prepared for risk because they are more aware of risk, which allows them to be more responsive to risk events. 

IFOs self-report that they are 1.4 times more likely than non-IFOs to be effective at supporting, managing, and mitigating enterprise risks.  IFO’s are twice as likely to be prepared for major risk events, and IFOs claim they are 1.3 times more aware of risks.  Thus, integration of key finance components within the organization creates significant strategic advantage.

Providing the Truth

Outperformance and risk management are about getting to the truth.  IFOs get the truth in a consistent manner as a result of their enterprise standardization. The consistent accuracy of information helps move an organization from transactional to analytical handling of information – “taillights to headlights.” In contrast, non-IFOs often find that every layer and organizational segment requires a level of interpretation or reconciliation to provide a unified point of view.  For them, the lack of integration makes the roll-up of information difficult and often less meaningful.

Two actions are essential to providing the truth: establishing global standards through process ownership and simplifying the enabling systems and organizational structures.

Managing the Risk

Survey findings indicate that enterprises are looking to the CFO for leadership in risk management. CFOs are uniquely positioned to determine and guide the overall enterprise risk profile.  CFOs intrinsically understand that reward is tied to risk.  The authors assert two actions that are keys to managing risk: the CFO’s orchestration of risk management and the convergence with performance management.  Seventy percent of the survey respondents of enterprises that are already effective at supporting, managing, and mitigating risks formally document and communicate the enterprise’s appetite and tolerance for business risk.  They are looking more and more towards using the same techniques that they use to measure performance to manage risks.  Effective organizations proactively manage risks to close performance gaps.

CFOs can be a leader in this charge, armed with facts and truths about the enterprise.

Click below to download full report.

Link: The Global CFO Study 2008: Balancing Risk and Performance within an Integrated Finance Organization, Rogers, Stephen, Stephen Lukens, Spencer Lin, Edwina Jon. IBM Global Business Services in cooperation with the Wharton School and Economist Intelligence Unit. Published by the Wharton School, University of Pennsylvania, and IBM Global Business Services, 64 pages, 2007.

Subscribe to ERM Insights

The latest research, insights and opportunities from the NC State ERM Initiative to help
you and your organization lead with confidence.

ERM Enterprise Risk Management Initiative 2007-10-01