;)
Every year corporate boards have several issues that surface or carry over from previous discussions. The risk a company is exposed to on a daily basis is sure to be on the minds of many this year. Some boards have a risk committee in order to identify and monitor the various risks—technology, economic, financial, fraud and consumer backlash. What is a board to do to reduce the exposure to risk? Does it matter if there is a separate risk committee, or if risk falls under the responsibility of the audit or the entire board? The bottom line is that this topic is going to be an important one for 2012 and beyond.
Theodore L. Dysart
The economic concerns of the past few years have made boards associate risk with financial and fraud issues. These are certainly valid areas that need to be addressed. But risk to the enterprise is much more than just these two areas. Technology risk exposes companies to a variety of risk factors. There is risk from cyber-attacks—what is your company doing to protect its customer data? There is risk exposure from emerging technologies like social networking, cloud computing and mobile computing. Do you have the right people on the board that understand the complexities of new technology? Does your board need a member that is a CIO, CTO, social media expert, a C-level executive from a high technology company, or a young savvy executive that has developed and grown with emerging technologies? Unfortunately, there is no one executive that fits every situation among companies in various industries and complex structures. But, has your board identified the risk exposure and how to make sure the board is well advised in these areas?
Social media has never been more influential. All it takes is a few words over Twitter, a Facebook page denouncing corporate practices, blogs, or a viral video to rally support against a company. Every aspect of a company from executive pay, to political contributions and even the sustainability of products, are all potential targets for risk. Does your board have insight into public opinion that may exist over social media? If your board does not have that insight, you should. Between 2010 and 2011, Twitter’s tweets per day grew 252 percent—from 27 million per day to 95 million per day. Facebook will exceed over 1 billion active users this year. Boards need to try and consider all aspects of risk in order to avoid being targets or being caught off guard when risk does arise.
As with any issue, it is easy to address the risks that are obvious or anticipated. Shareholders, analysts and company employees expect accountability from a board. The real art is thinking ahead and trying to identify risks before they endanger the enterprise. There is no magic answer or safeguard. Boards need to stay current in order to safeguard the companies they have been elected to serve. A coordinated effort between the board, company management and trusted advisors is necessary to anticipate, deal with and get through any risk situation that might arise.
Appreciate your article, Risk is an area I deal with on a daily basis but from the perspective of being able to produce a state-of-the-art system (never accomplished in the past) on a schedule and within a cost figure as proposed to the government or another defense company. Many cases Moore’s Law and patents have to occur to reach the level of sophistication promised to the end user – US Govt…
Contract structures (Cost Plus) covers much of the financial risk but in the International environment the contract is normally fix price; therein is the dilemma for the board. They (board members) need to understand enough of the technology to have a feel if what is being promised can be delivered, and some of the technology is extremely technical.