Deloitte’s latest extended enterprise risk management (EERM) survey has revealed that there is renewed focus on maturing EERM practices in most organizations.
The fourth annual EERM survey, conducted from November 2018 to January 2019, aims to “share experiences, opportunities, and challenges as organizations take their journey toward EERM maturity.”
More than three quarters of the respondents said that board and senior leadership have grown to have ultimate responsibility for EERM, which may have been prompted by recognition of underinvestment in EERM and mistrust of the uncertain economic environment.
“Organizations are trying to improve the management of third-party risk by investing in talent, cutting-edge technologies, and robust operating models. Dramatic shifts in the marketplace and push for efficiencies are contributing to an ever-increasing focus on EERM,” said Donna Glass, manager partner at Deloitte US.
“With a staggering 83% of organizations experiencing a third-party incident in the past three years and only a negligible 1% considering themselves ‘optimized’ to address all important EERM issues, it evidently reflects underinvestment in the EERM space.”
Meanwhile, 53% of the respondents wanted a more consistent and coordinated approach to EERM in organizational functions.
“Our 2019 survey reveals that boards are championing an inside-out approach to EERM, which includes better engagement, coordination, and smarter use of data. Leaders are also aspiring for greater innovation. This year we’ve seen the emergence of more succinct and real-time actionable intelligence, generated online, for boardroom reporting on third-party risks,” Glass said.
“More sustainable operating models for third-party risk management are being embraced – these are characterized by federated structures that are supported by centers of excellence and shared service centers, emerging technologies, shared assessments and managed services models, and a move toward co-ownership of budget.”
Deloitte predicted that the severe consequences of third parties’ negative actions towards organizations’ reputation, earnings, and shareholder value will continue to increase – driving organizations to invest in improving EERM processes and frameworks.