The report is based on results from two surveys—one to ERM practitioners, and one to system providers—and is intended to provide insight to risk practitioners at the beginning and intermediate stages of adopting ERM.
The results of the user survey highlight the immature nature of the ERM technology market, according to RIMS. Desktop applications such as Microsoft Office products were the most commonly cited tools, followed by a variety of other solutions, including customized systems.
Monitoring risks, data storage and analysis are the most commonly identified functionality of the ERM technology solutions employed by the survey respondents. Comparing current usages and desired future usages, the ability to address interdependency of risks was the most sought-after future functionality.
“Technology can provide strong support for an ERM process; however, practitioners must make certain that the system is user-friendly and flexible enough to accommodate the changes that most ERM programs experience over time,” says Leslie Lamb, member of RIMS Technology Advisory Council and risk manager at Cisco Systems Inc.
The RIMS survey isn’t the first to highlight the lack of ERM fundamentals. A survey of KMPG LLP’s internal auditors and board members reveals that many companies are falling short in three critical areas of their ERM programs—risk culture, risk management processes and technology.
Approximately 130 respondents, including a mix of senior internal audit executives and board members across all industries, including insurance, participated in the survey. More than half the survey respondents (58%) reported deficiencies around risk culture, namely, that their company's employees had little or no understanding of how risk exposures should be assessed for likelihood and impact.
This story can also be found at InsuranceNetworking.com.
This piece is brought to you by the editorial staff of SourceMedia.
Be the first to comment on this post using the section below.