Board Perspectives: Risk Oversight

Protiviti Board Perspectives
Hero Image Title: 
Board Perspectives: Risk Oversight
View or Download Title: 
View Board Perspectives: Risk Oversight
An effective board of directors is a champion of strong governance for the organization it serves. All aspects of its oversight role are germane to mergers and acquisitions (M&A) — with some oversight activities specific to M&A. The board’s oversight with respect to M&A mirrors its overall focus on advising the CEO — including offering a contrarian voice when necessary — regarding strategic matters, policy approval, enterprise performance monitoring, reporting transparency and enterprise risk management. Our discussion below is from the acquirer’s perspective. In 2016 and 2015, M...
Short-termism is not a new concept by any means, but it has become a hot topic of discussion for many boards of directors in recent years. In this article, we explore the implications of short-termism to the board’s risk oversight process and how the board can ensure its oversight is not compromised. Short-termism can mean many things, but it typically refers to an environment in which the focus on short-term results is so myopic that it results in the neglect of important longer-term interests. In a recent survey of more than 600 public company directors and governance professionals, 75...
Boards remain concerned with the security and availability of information systems and the protection of confidential, sensitive data from the commercial cyber war in which their organizations are engaged. Many executives think their risk tolerance is low, yet act as though it is relatively high, thus necessitating board engagement with cybersecurity A top five risk for many organizations across many industries, cyber risk presents a moving target as organizations undergo major IT transformations, accelerate cloud computing adoption, increase digitization investments, advance data and...
An effective risk assessment is fundamental to risk management and the board’s risk oversight process. Successful risk assessments help directors and executive management identify emerging risks and face the future confidently. An enterprise risk assessment (ERA) is a systematic and forward-looking analysis of the impact and likelihood of potential future events and scenarios on the achievement of an organization’s business objectives within a stated time horizon. In many organizations, the process begins with an articulation of the governing business objectives and a common risk language to...
We’ve always believed that boards should ensure that their organizations maximize the full potential of internal audit. There are four C’s directors should consider when evaluating the sufficiency of any risk-based audit plan: culture, competitiveness, compliance and cybersecurity. In 2016, The Institute of Internal Auditors  (The IIA) and Protiviti conducted the world’s largest ongoing study of the internal audit profession — the Global Internal Audit Common Body of Knowledge (CBOK) — to ascertain expectations from key stakeholders, including board members, regarding internal audit...
North Carolina State University’s ERM Initiative and Protiviti have completed the latest survey of C-level executives and directors regarding the macroeconomic, strategic and operational risks their organizations face. The top risks for 2017 provide insight as to what issues are currently top of mind for leaders around the globe. A recent survey conducted by the National Association of Corporate Directors (NACD) reported that, according to the vast majority (96 percent) of directors, “big picture” risks are overseen at the full board level. This view of risks includes those with broad...
A strong brand has a significant impact when it comes to driving shareholder value. What role should the board play in overseeing management’s stewardship of the company’s brand and/or brand portfolio? Branding is the process by which a company establishes a significant and differentiated presence in the marketplace that attracts and retains loyal, long-term customers. A brand is a non-generic name, logo, messaging and/or packaging used by a company to identify, source and differentiate its product and service offerings from competitors’ offerings. A strong, well-known brand is revealing, as...
In many organizations, board risk oversight is enhanced when the board and executive management are supported by an effective independent risk management function. Positioning the chief risk officer (or equivalent executive) and the independent risk management function – which we refer to collectively as “CRO” in this publication – to deliver to expectations requires an understanding of how the CRO role can succeed.  The ultimate advocate for risk management in any enterprise is arguably the CEO. However, CROs are unique in that they are often expected to provide a voice that champions the...
Many companies and industries are facing uncertainty when looking to the future. But how confident are organizations in executing their strategies successfully? More specifically, how can the board help the companies they oversee to face future uncertainty confidently?  Confidence is neither a cliché nor an assertion of mere optimism. Rather, it is a quality of the human spirit that drives leaders and their companies forward. Confidence in human endeavors is important, especially in today’s rapidly changing environment. Below, we explore the attributes of confidence that executives and...
Reputation risk is the current and prospective impact on earnings and enterprise value arising from negative stakeholder opinion. To one author, it is “the loss of the value of a brand or the ability of an organization to persuade.” To our right, we explore 10 essential keys for managing reputation risk.  While reputation is hard to define in terms of exactly what it really is, everyone agrees it’s a precious enterprise asset and recognizes when a reputation has been damaged beyond repair. Reputation is fragile. What takes decades to build can be lost in a matter of days.  Key...