7 New Year’s Resolutions for the Risk-Averse C-suite

Many C-suite executives remain risk-averse even with the stock market hitting record highs, and the prospect of a Trump administration focused on deregulation. It’s understandable. A third-party vendor located thousands of miles away can wreak havoc on operations. Information security concerns can give the board sleepless nights. Complying with regulations like SOX, Dodd-Frank, and the Affordable Care Act can overwhelm compliance and audit staff.

Fear not, risk-averse C-suite members. Adopt these New Year’s resolutions designed to instill confidence, enhance risk management, and increase awareness to opportunity.

  1. Give up using spreadsheets for compliance and risk management activities.
    It’s amazing that companies still use spreadsheets, emails, docs and other manual office tools when a governance, risk management and compliance (GRC) platform is designed for integrated risk management processes. Discover one such platform here.
  2. Improve visibility across the organization.
    A recent study found many executives are unaware of company compliance standards. Twenty-five percent surveyed were unsure who was principally responsible for information security and privacy at their organizations. You can’t react to or impact what you can’t see. In 2017, resolve to get the enterprise-wide view that comes with having a GRC platform.
  3. Learn how to turn risk into a competitive advantage.
    With better risk management, a company can take on more risk to the degree that it becomes a competitive advantage. For example, a company uses a GRC platform and a defined risk assessment process to give a proposed joint venture a thorough vetting. On the contrary, the risk-averse C-suite member would outrightly pass on the joint venture and miss the opportunity.
  4. Start to strategize the company’s maturity level with GRC.
    A GRC platform isn’t something the company procures and plugs in. While a platform can be implemented fairly quickly, the true value of a GRC platform is cumulative. Knowing where to begin starts with knowing where you are. Are you new to GRC platforms? Are you integrating risk management processes enterprise-wide? Find your starting point and evolve from there.
  5. Face the prospect of a data breach in 2017.
    One of the top three reasons companies switch to a GRC platform is because of an unfortunate event, which usually turns out to be a data breach. Often, it has less to do with technology and more to do with an employee. Why wait for something bad to happen to take action?
  6. Discover why IT risk is often organizational risk.
    In a study of members of the Association of Financial Professionals, those surveyed were less concerned about damage from a cyberattack like fines, restitutions, and lost business. Their greatest concern was damage to their organization’s reputation. In other words, an incident that may seem restricted to IT can impact the supply chain, the stock price, even the company’s reputation.
  7. Volunteer to be a GRC champion.
    Major initiatives that impact the entire organization don’t get done without executive leadership. In 2017, why don’t you take the lead in discovering if a GRC platform can help your company address integrated risk management processes? Start with a platform demo.

2017 is shaping up to be a year focused on change. Companies that can adapt quickly to change and see opportunity where others see challenge stand to profit. For risk-averse C-suite members, you can leverage your natural inclination for risk avoidance by adopting a GRC platform or switching to one that delivers integrated risk management process. A healthy, holistic view of risk is key to adapting and making the most of whatever 2017 brings.

Related Articles