The current pandemic has helped organisations confirm the criticality of further digitising their business value chains, fuelled by the need to operate remotely and to provide greater access to the workforce to better enable the performance of their tasks.

By Mark Victor, IRMSA Risk Intelligence Committee Member

As a result, there is wide recognition that digitisation of business processes is set to increase significantly in the years to come, potentially at an exponential rate.

The impact of this business transformation should not be ignored by risk practitioners, as it comes with significantly greater risks and opportunities, and business leaders need to fully understand the potential strategic choices to make in redirecting their strategy, whilst carefully managing the real risks introduced by a digital future.

An excellent example of this has been the global impact of reliance on financial models and algorithms that have replaced many of the decisions that have traditionally been made by humans, which has contributed towards increased market volatility as a result of automated share trading, the global credit crunch as a result of flawed assumptions and the underestimation of the global systemic impact of these exposures, and increasing impact of robotics in everyday life, which is now broaching on the future of mobility.

The fourth industrial revolution is driving exponential change, with the advent of new digital eco-systems, business and service models that are impacting the very core of what organisations do and the products and services they provide from the way they interface with their customers, manage and operate the enterprise, and even the future of work and the workforce.

This is translating to new operating models, new products, new digital and technology strategies that need to be supported by evolving technology platforms, data and infrastructure. This requires a change in corporate culture, strong leadership direction and possibly even a reimagined corporate brand and focus.

Whilst the governance and management of enterprise IT and risks has received more attention over the last decade, the current risk focus is inadequate to respond to the digital future we all are expected to face in our organisations and an approach that is strategic, focussed and proactive is essential in understanding the potential and uncertainties relating to this future.

Risk considerations go beyond the identification and management of emerging technology and cyber risks, and need to extend to the careful assessment of strategic risks and opportunities, ethical and reputation risks, people and culture risks, legal and regulatory risks, and also execution risk.

Key questions to consider include:

  • Does the risk function understand the organisations digital strategy (based on market and competitor trends) and how well is management managing the transformation implications on the organisation?
  • Do we have the digital skills and capabilities to deliver on the strategy?
  • Is there a holistic understanding of the impact on key stakeholders, including customers, the workforce, suppliers and the broader community?
  • Is there a clear understanding of the potential risks within the strategy and execution program, including the consideration of ethical risks, data privacy, safety and the increased reliance on machines and AI to drive decision making?