Financial Times Research and Oliver Wyman recently conducted a survey of 350 executives around the world with the goal of better understanding how organizations view and respond to emerging risks. In addition, the survey highlights the effectiveness of risk identification tools and methods, as well as how risk information is communicated throughout an organization.

In the existing economic environment, most organizations are focused on events that are currently taking place, rather than those that will occur in the future. The turmoil of the past year has indeed tested the survival skills of businesses and brought the issue of risk management to the forefront of business topics. However, while the majority of organizations agree that emerging risks are significant, few have consistently applied and integrated risk information into their ongoing business and decision-making processes.

Key Findings

The survey found that the top five perceived global emerging risks are as follows: (1) global recession; (2) liquidity/credit crunch; (3) regulation policy risk; (4) financial market volatility; and (5) major country/economy collapse. Macro-economic and financial risks were seen as the most threatening, as businesses perceived these would have a greater impact in the future. In addition, risks that have been more recently emphasized by media and financial publications generally ranked higher than risks not recently mentioned.

The survey denotes that the implementation of risk management is a critical issue. While many respondents indicated that their organizations are now assessing risks more frequently, the risk management process by and large remains distinct from daily business decisions. In addition, several respondents mentioned that their risk identification process has evolved to better understand the risks and potential rewards, rather than merely the risks. This evolution of the risk management process has largely occurred as a result of the economic environment, rather than the realization that risk management is vital to the success of an organization.

In addition to the importance of risk management, the survey also highlights the significance of selecting the appropriate tools or methods for measuring risk. The survey identified the utilization gap of these tools by measuring those currently used by organizations, as well as the tools organizations believe should be used for this purpose. This survey component indicated that organizations have developed an over-reliance on internal tools and experts and should put greater emphasis on external sources and statistical analysis in the future.

Lastly, the survey findings illustrate that risk information is not effectively communicated throughout most organizations. While the majority of respondents provide risk information to their finance and treasury departments, only 68 percent of executive committees and 60 percent of boards of directors receive this information. In addition, less than 25 percent of human resources, research and development, and supply chain management departments receive risk information. In order for the risk management process to become more effective, organizations must first realize that risk is not simply an issue that can be delegated to a risk management department and forgotten about by all remaining employees in an organization.


The key survey findings point to the conclusion that risk management is most frequently disconnected from financial and strategic decision-making processes and provides limited value to an organization. The article offers the following three steps to organizations in order to better integrate risk information into strategic decision-making:

  1. Review the existing risk identification and assessment processes to determine if there are ways to enhance them by additional use of external data and a greater variety of risk identification techniques.
  2. Map the flow of risk information within the organization. Do the right people receive the right information at the right time?
  1. Examine the format of the risk information to determine if it is currently provided in an arrangement and a timeframe that support ongoing business decisions. Risk information should be integrated into the key performance metrics, strategies and operations of the business to ensure the risk taken is commensurate with the reward over a comparable time horizon.

Subscribe to ERM Insights

The latest research, insights and opportunities from the NC State ERM Initiative to help
you and your organization lead with confidence.

ERM Enterprise Risk Management Initiative 2009-08-01