Top Risks to Consider in 2021

In a year full of disruption and change, one thing remains the same – the existence of risk.  While the types of risks we face may evolve and the perceived likelihood and impact may change, organizations will continually be faced with the need to identify, assess and manage risks in order to effectively achieve their objectives and initiatives.   The Institute of Internal Auditors (IIA) recently released its report OnRisk 2021: A Guide to Understanding, Aligning and Optimizing Risk, which provides perspective from key members of risk management functions and offers insight on potential areas of focus over the next year.

OnRisk 2021 was developed from qualitative interviews conducted with 90 professionals to capture viewpoints of the boardroom, C-suite and chief audit executives. This data was further supplemented by results from a quantitative survey conducted with 348 chief audit executives.  Results were analyzed to draw conclusions on how the three roles aligned, both regarding the risks that exist within organizations and how well-equipped those organizations are to manage the threats. Several key insights resulted from the report.

Top 11 Risks

The following were identified as the top 11 risks that organizations have identified are top of mind for 2021:

  1. Cybersecurity
  2. Third party
  3. Business continuity and crisis management
  4. Data governance
  5. Organizational governance
  6. Board information
  7. Talent management
  8. Culture
  9. Sustainability (Environmental, Social and Governance - ESG)
  10. Disruptive innovation
  11. Economic and political volatility

Three new risks--organizational governance, disruptive innovation, and economic and political volatility--were added since the IIA’s 2020 list.  This is not surprising, given the past year.  A year challenging the norms of how our companies are managed.  A year where innovators who embrace risk have risen to the top.  A year where global pandemics, national elections, and the related policy and regulatory changes have created economic and political volatility.

Cybersecurity and business continuity and crisis management were the top-rated risks for 2021.  While cybersecurity was also a top risk in the 2020 report, it is heightened in 2021, as companies now have employees operating in less-secure work-from-home scenarios with more reliance on technology than ever before.  The past year has also put business continuity and crisis management plans to the test, as many companies were forced to utilize a portion or all of them for the first time ever, which brings higher attention to the topic.

Risk Relevance Perceptions

The IIA reported that while board members and chief audit executives had alignment on which risks were the most relevant, their perspectives did not necessarily align to management’s perceptions.  Specifically, management’s perception was that operational risks, including talent management, culture and business continuity, had higher relevance, while the more macro-level risks, such as organizational governance and economic and political volatility, had lower relevance. 

Ability to Manage Risks

Results of the survey show that perceptions on an organization’s ability to manage risks are becoming more aligned between management and boards than what was detailed in the 2020 report, which noted that boards were overconfident in an organization’s ability to manage risk.  The IIA suggests that perhaps the pandemic prompted more communication around risk within organizations, resulting in a more realistic understanding of capabilities to manage risks.

The areas noted above should be considered as companies assess risks in the coming year.  As the risks included within this report are fairly industry-agnostic, it’s important for your organization to also consider industry-specific risks that may impact you directly.  Alignment across all levels of the organization on how risks are identified, assessed and managed continues to be critical.  A well-established enterprise risk management program that is right-sized to your business and aligned to your strategies and objectives can help you proactively manage risk, reduce negative surprises, embrace risks to act on opportunities, and bring value to your organization. 

Interested in learning more about how to identify, assess and manage risks within your organization? Contact our Risk Advisory Services team by emailing us at [email protected].   For the complete report, click here to download OnRisk 2021:  A Guide to Understanding, Aligning and Optimizing Risk.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2021 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
How To Scope a SOC 2 Audit
Do I Need a SOC 2 Type 1 Before a SOC 2 Type 2?
Pandemic Costing American Women Now and for 20 Years
Why Do CPA Firms Perform SOC 2 Audits?
What Financial Institutions Need to Know About R-SAT
Fact or Fiction: SOC 2
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us
Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

[email protected]
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

[email protected]
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102

[email protected]
p:571.380.9003

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.

×