MetricStream, the global market leader of Integrated Risk Management and GRC solutions, announced the results of a new survey on the State of Risk Management, post-pandemic. The survey found that while cybersecurity emerged as an even greater risk concern during the pandemic, organizations with agile integrated risk management (IRM) solutions responded better to pandemic-driven challenges.
“The pandemic has been a major catalyst for companies to reevaluate their risk management programs and adopt a future-ready risk program that is agile, integrated, and technology-driven,” said Gaurav Kapoor, Chief Operating Officer and Co-Founder, MetricStream. “It is no longer a matter of choice but the only option for organizations to thrive in these uncertain times.”
The MetricStream State of Risk Management Survey asked Chief Risk Officers and risk professionals across various organization sizes and industries for feedback on how the risk management industry has changed and adapted during the COVID-19 pandemic and what their key priorities are to combat the crisis. Respondents encompassed representatives from multiple industries, including financial services, telecom, technology, manufacturing, government, education, healthcare, and transportation.
Key Finding: The shift to digital during COVID-19 put cybersecurity risk at the forefront of organizations’ concerns. Nearly half of survey respondents (48.91%) listed cybersecurity as their top business risk, and this was even more prevalent among respondents in the Banking and Financial Services Industry (52.94%).
Key Finding: Organizations that had IRM programs were much more prepared for the swift changes in risk threats caused by the pandemic. More than half of the organizations (52.63%) that had deployed an integrated risk solution did not make any changes to risk programs and strategies due to the pandemic. The IRM approach ensured agility and operational resilience, enabling them to quickly respond to the sudden disruptions brought about by the pandemic. On the other hand, companies with traditional and siloed approach had to make significant changes to their risk management approach to contend with the new normal.
Key Finding: After the pandemic, risk professionals feel increased pressure to show the effectiveness of risk management and resilience programs. 61.96% of survey respondents said that determining the effectiveness of cybersecurity risk management is a top priority, while 45.65% said evaluating the strength of their operational resilience program and framework was most important.
Key Finding: The Banking and Financial Services industry is primed for a major overhaul of their risk management approach in the next several years. 58.33% of the total respondents from the Banking and Financial Services industry use risk management software but not integrated with other areas while only 26.32% said that they are using an integrated platform to manage risks.
Key Finding: IRM technology adoption still has a long way to go, despite the advantages it offers. Only 21% of survey respondents reported using one integrated tech solution for managing risk, cybersecurity, third-party management, and compliance. The remaining 79% use either office productivity software or risk management solutions that are not integrated with other functions.
The complete results of the MetricStream State of Risk Management Survey Report 2021 are available for download here.
They were first unveiled at the MetricStream GRC Summit, which took place virtually from Jun. 7-9.
This survey comes on the heels of MetricStream’s Arno software release, a major capabilities expansion to MetricStream’s Enterprise and Operational Risk Management, IT and Cyber Risk Management, Internal Audit Management, Policy and Compliance Management, and Third-Party Risk Management products. For additional information about this release and how it solves key risk challenges mentioned in the new survey, visit www.metricstream.com/arno.