Recently I read a report, KPMG Internal Audit: Top 10 key risks in 2015, and it set me thinking. For risk professionals it’s great that our discipline is gradually being adopted across the business. It makes it easier for us to encourage our colleagues to engage with the risk management process and for them to understand the information that we need.
As we know, everyone should have some appreciation of risk management and its importance to the business. The report lists ‘Integrated and continuous risk assessment’ at number 8, something that enterprise risk practitioners would wholly applaud. It stresses the importance of on-going risk assessment, ensuring a common risk language and an understanding of company-wide risk. It even goes so far as to suggest that a holistic approach to enterprise risk assessment should be the starting point when building audit plans.
Risk needs to be understood and properly managed, so that it can be embraced to the benefit of the business. Risk and innovation go hand in hand and without a certain amount of controlled risk taking there is no business, and no growth. This means that we need to continue to evangelise the benefits of true risk management where we mitigate risk as well as capitalise on it.