Identifying, assessing and managing risks to objectives is vital for the success of any organisation. The speed of change within organisations and in the wider external environment means organisations need to be alert to the most significant risks they face.
The Institute for Internal Auditors (IIA) has recently completed its annual business risk survey of heads of internal audit. Whilst this survey focuses on businesses the results are applicable to organisations across all sectors.
The top 10 risks identified in the Risk in Focus 2020 survey were:
1. Cybersecurity and data security - 78%
2. Regulatory change and compliance - 59%
3. Digitalisation, disruptive technology and other innovation - 58%
4. Outsourcing, supply chains, and third-party risk - 36%
5. Business continuity / resilience - 31%
6. Financial risks - 30%
7. Macroeconomic and political uncertainty - 29%
8. Human resources - 27%
9. Corporate governance and reporting - 26%
10. Communications and reputation - 22%
All organisations should protect themselves against the most significant risks they are facing. Using surveys like this and its associated advice and guidance is one way to check that controls and mitigations are appropriate. You can watch the IIA's video below highlighting the key findings.
Veritau conducts its own risk assessments when determining which areas of its client organisations to audit and agrees these in consultation with senior managers. In addition, Veritau provides risk management services to its clients, including facilitating workshops where managers identify and assess their critical risks.
Please contact Veritau if you have any questions or want any advice about risk identification, assessment and mitigation.