How to Get Leadership to Act on Risk Information

ERM leaders must make it easier for senior executives to understand risk information in a way that leads to action.

In the rush to expand into new markets, senior executives at one global financial institution approved the launch of a product that inadvertently exposed the company to significant risk. Risk assessments flagged the company’s vulnerability, but senior management failed to respond to the enterprise risk management (ERM) team, resulting in significant costs to the company.

This is not an isolated situation. Nearly 80% of surveyed heads of ERM reported increasing the impact of their risk reporting as a top priority in our 2018 Risk Management Agenda Poll. However, despite this common goal, 77% of ERM leaders still believe their information fails to drive action.

When risk information is “low-effort,” it’s 1.8x more likely to drive action than other endeavors

“Most ERM leaders blame this lack of executive attention to their risk reporting on poor data quality and integrity,” says Matt Shinkman, managing vice president at Gartner. “Many argue that using more quantitative risk information and increasing the use of leading indicators will increase the decision influence of their risk information.”

The problem is that providing data doesn’t necessarily result in action.

5 Things the Best General Counsel Do Differently

Most GC don’t have the impact or influence they should — or desire. Learn the hallmarks of standout GC.

Download eBook

The key to drive action

Rather than focusing on improving data quality, ERM leaders must work to reduce the level of effort it takes for executives to act on ERM information. Gartner research reveals that when risk information is “low-effort,” it’s 1.8x more likely to drive action than other endeavors.

Our research found that ERM leaders can take three steps to reduce executive effort:

  1. Make risk reports easy to consume: Use compelling visuals and clear language to help executives quickly and easily understand and interpret risk information.
  2. Make them relevant to what executives care about: Understand and link to executives’ priorities and upcoming decisions to make risk information more relevant.
  3. Align information with other sources: Partner with other functions in the organization to prepare a consolidated report that reconciles differences in information.

Not only does this approach improve the likelihood of action, it also increases the likelihood of receiving explicit positive feedback, requests for further information and invitations to participate in other management discussions.

Gartner for Risk Management Leadership Council members can read more in Risk Reporting That Drives Action: The Path to Reducing Executive Effort and watch the webinar replay.

Get Smarter

Follow #Gartner

Attend a Gartner event

Explore Gartner Conferences


Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching