3 Ways to Stop Risks From Falling Through the Cracks

Assurance teams that are not aligned may miss gaps in their risk management processes and corporate compliance.

Every day, sources of risk seem to proliferate. Assurance teams are under pressure to perform risk management and ensure corporate compliance under tight budgetary constraints. One way to do more with less is to coordinate risk assessments across assurance functions.

“Good coordination between functions makes risk management simpler,” says Cindy Zhang, Specialist, Research at Gartner. “First, risk leaders can be more confident that risks aren’t slipping through the cracks between functions, but it’s also important not to waste resources and organizational goodwill on duplicated work.” 

To help assurance leaders coordinate their risk management strategies, Gartner recommends three tools to get started.


Aligned assurance calendar

Sharing a calendar is a simple step in today’s cloud-enabled world, but few assurance functions to date use shared calendars to increase the visibility of each function’s risk activities. If each function uses a shared calendar, color-coded for clarity, potential overlaps and synergies will surface more easily.

For example, you might notice that both compliance and privacy plan to send out risk surveys in the same month. Why not combine them into a single survey? Doing so reduces the burden on the overall workforce. It should also boost the survey response rate while encouraging two distinct assurance functions to collaborate with each other.

Risk coverage quality mapping

It’s important to have a way to confirm who “owns” risk across an organization and what that coverage looks like. This enables assurance teams to target their efforts toward areas in which risk ownership or corporate compliance is patchy or lacking.

To this end, assurance functions should work together to create a risk map in which they identify each major risk and score its coverage from 1 to 5. A “5” means the function is concentrating resources to mitigate that risk. A “1” indicates that the function is only conducting a high-level review. By collaborating to score risk coverage in this way, assurance functions can more easily monitor and control risks consistently across the organization.

Calibration of risks across assurance

Calibration is all about making sure that each function is aware of what others are doing in assurance. Start by having each function work separately to rank its top risks and what it is doing about them. Then bring the teams together to explain their rankings and discuss any differences.

This enables assurance functions to collectively create an integrated risk management process, which can save hundreds of hours of duplicated work. Moreover, these functions can improve overall risk management and present a unified message to stakeholders. It can also help to address questions the board of directors will inevitably ask of assurance.


This article is based on insights that are part of an in-depth collection of research, tools and advice available to Gartner clients. Gartner Risk Management Leadership clients can read 3 Tools to Align Risk Assessments Across Assurance by Cindy Zhang and find information on Aligned Assurance Through Assurance Mapping. Gartner Audit Leadership Council clients can access Aligned Assurance Calendar Template.
