Inherent Risk & Maturity

A renewed set of drivers, directly aligned with long-term value creation and cost savings, have begun to motivate organizations to increase their dependence on third-parties, thus forming the extended enterprise. Forty-one percent of respondents reported “some” increase in their dependence on third-parties in the previous year and eleven percent reported a “significant” increase. In turn, this has forced companies to consider investing in holistic and integrated programs to manage extended enterprise risks, brought about from increased third-party involvement.

Business Case & Investment

Centralized Control

Prior surveys have confirmed that the majority of global companies were equally or more decentralized than they were centralized across operating units/entities. However, the aforementioned dominance of third-parties forming the extended enterprise in these decentralized operating units/entities presents potential concerns. A critical, organization-wide matter should not be left to the discretion of external personnel, so decentralization has been scaled back. Mainly, companies introduced centralized ownership and management of the various elements in their extended ERM framework to combat these concerns.

Emerging Technologies for ERM

Organizational Accountability

Ultimate ownership and accountability for EERM suggests it is well and truly established in the C-suite roles with need for improvement in engagement. Seventy-eight percent of organizations suggest that the CEO, CFO, CPO, CRO or Board member is ultimately accountable for EERM. Also, executives who are under direct Board/CEO supervision have seemed to face significant accountability.

The majority of organizations believe there is substantial room for improvement in the level of engagement on the EERM agenda by Board members and risk owners. This is a common trend among new ERM phenomena and is only made more difficult with third-party involvement. Only twenty percent of Board members engage at a high level, suggesting that eighty percent of Board members only moderately interact with EERM agendas and initiatives, for which they are usually held accountable.

Link: Deloitte | Third-Party Governance/Risk Management: Extended ERM Global Survey 2018

Subscribe to ERM Insights

The latest research, insights and opportunities from the NC State ERM Initiative to help
you and your organization lead with confidence.

ERM Enterprise Risk Management Initiative 2019-04-30