Partner, Internal Audit and Governance, Risk & Compliance Leader, PwC New Zealand
Over the last year we’ve seen the risk landscape change.
With more people working from home, cyber security and information security risks have increased. You’ve got people dealing with highly sensitive material in a home environment and friends and family in close proximity. Documents and screens can easily be viewed and telephone calls overheard. This significantly impacts confidentiality. It’s something businesses have to actively address.
We’ve also seen an increased focus on risk in change. Organisations are looking at how they can take cost out and do more with less. This is true for companies that haven’t been massively affected by COVID-19 too. It’s an opportunity to reassess how they are operating and build back better to their strategic advantage. But, change has risks. Organisations who consider risk early, as well as design the change, are the ones who come out as the winners.
Many organisations have realised they have not done enough about emerging risk – those risks that are beyond the strategic planning horizon but need to be on the radar. Likewise, there has been insufficient focus on ‘black swan events’ – the catastrophic and rare risks. These events are getting more focus. Not for the risks that may exist in them, but rather the impacts that will result from them.
This shifts the conversation to the catastrophic end of the spectrum and we’re seeing boards wanting to really understand this. They are asking the questions – are we doing enough and should we be doing it differently?
It’s important that businesses capture all the learnings they’ve gained over the last year and factor these into their business continuity framework. It will lead to better outcomes.
of New Zealand CEOs are rethinking their organisation’s tolerance for
are increasing their focus on collaboration with supply chain partners to manage risks
are taking the opportunity to increase their focus on digitising their risk management function