As organizations face pressure to innovate, risk executives need to help them strike the right risk-reward balance to succeed. PwC explored this challenge in its 2018 Risk in Review Study of more than 1,500 senior risk executives, globally. Adapters — those with programs that tackle innovation-related risks somewhat or very effectively — practice five actions that set them apart. And their programs exert much more influence over decisions about innovation.
Risk management program's ability to influence decisions about innovation
Q. What is your risk management program's level of influence and ability to effect a change in decision-making about the listed activities?
Base range: 522-1,036
Source: PwC, 2018 Risk in Review Study
Risk executives need to weigh in early about novel initiatives as the pace of innovation accelerates and the appetite for the accompanying risks grow. Thus, the Adapters differ in when and how they engage in innovative activities.
Adapters and their programs differ in when and how they engage in innovation
Q. With regards to the risk management function’s performance today, to what extent do you agree or disagree with these statements?
Base: 1,183 (excludes disagree and neither/nor)
Source: PwC, 2018 Risk in Review Study
Adapters use a range of approaches to manage risk exposure from new initiatives. Entering a new industry or forging a partnership, for example, may require sharing the risk. By contrast accepting the risk, adjusting the risk appetite or revisiting goals for deploying AI or IoT are potentially more suitable.
Adapters more often take multiple actions to manage innovation risk exposure
Q. Which of the following actions has your organization undertaken to manage your organization’s risk exposure from the innovative activities you selected?
Base range: 220-830
Source: PwC, 2018 Risk in Review Study
An organization’s risk appetite is grounded in opportunity and competitive pressures. To capture value from innovation while closely tracking risk, quick, calibrated and disciplined adjustments to risk appetite and tolerances are critical. Continuously communicating such changes with the board, internal auditors and business leaders helps them act on incoming data.
Adapters more often adjust their risk appetite and share the risk
Q. Which of the following actions has your organization undertaken to manage your organization’s risk exposure from the innovative activities you selected?
Base range: 177-644
Source: PwC, 2018 Risk in Review Study
Adapters are much more likely to say they add new skill sets, expand continuous risk assessment, and leverage new technology for more real-time information.
How risk executives are adapting capabilities to support innovation strategy
Q. How are you adapting your risk management capabilities to more effectively influence and enable your organization’s innovation strategy?
Base: 1,183 (excludes none of the above/don’t know/not adapting)
Source: PwC, 2018 Risk in Review Study
Examining effectiveness using multiple metrics can help risk executives shore up areas where they fall short or are vulnerable, so that the C-Suite and board can rapidly make decisions about strategic initiatives while the business steps in to address any risk profile misalignments against risk appetite.
Metrics used to measure effectiveness of risk management activities
Q. Which financial or operational metrics does your organization use to measure the effectiveness of its risk management activities?
Base 1,183 (excludes do not plan to use/don’t know)
Source: PwC, 2018 Risk in Review Study
“Risks from innovation rise in complexity and potential impact daily. Our study shows that risk executives who successfully tackle innovation-related risk do so with a distinct set of practices. These ‘Adapters’ are also nearly twice as likely to say that their function helps boost the odds of success across the business.”
Survey respondents hold the titles of Chief Audit Executive, General Auditor, Board or Audit Committee Member, Audit Committee Chair; Chief Compliance Officer, Head of Compliance, Chief Ethics and Compliance Officer, Chief Financial Officer, Chief Executive Officer, Chief Operations Officer, Chief Risk Officer, Head of Risk Management, Director of Risk, Chief Information Officer, and Chief Technology Officer.
The research for the study was undertaken by PwC Research, our global center of excellence for primary research and evidence-based consulting service. The base for all figures is 1,535 (all respondents) unless otherwise stated. For some questions in which the number of responses may vary, we provide a base range. This is often because response options branch from an earlier question and thus change the sample size per response.