In a recent AuditBoard survey of audit and risk professionals, 81% said they believe the risk environment is unlikely to return to more stable pre-pandemic conditions in 2021, but will continue to be “dynamic and unpredictable.” Respondents said that the most pressing risks in 2021 would be economic conditions impacting growth (27.6%), cybersecurity threats (27%), business continuity and crisis response (12.8%), data/privacy protection (9%), and fraud (8%). While this complex risk environment has prompted almost 80% of organizations to change their business strategies, this has not necessarily translated into a greater emphasis on enterprise risk management. Only 16.1% reported having an advanced ERM program that provides input into both internal audit planning and daily decision-making processes.
To provide more valuable risk insights that impact decision-making, audit and risk professionals will need to increase the frequency of risk assessments and advance overall risk management methodologies and systems. Respondents said that their top three priorities for risk management in 2021 are: increasing the focus on strategic risks; enhancing the quality, availability and timeliness of risk data; and identifying and managing new and emerging risks.