Every year corporate boards have several issues that surface or carry over from previous discussions. The risk a company is exposed to on a daily basis is sure to be on the minds of many this year. Some boards have a risk committee in order to identify and monitor the various risks—technology, economic, financial, fraud and consumer backlash. What is a board to do to reduce the exposure to risk? Does it matter if there is a separate risk committee, or if risk falls under the responsibility of the audit or the entire board? The bottom line is that this topic is going to be an important one for 2012 and beyond.
The economic concerns of the past few years have made boards associate risk with financial and fraud issues. These are certainly valid areas that need to be addressed. But risk to the enterprise is much more than just these two areas. Technology risk exposes companies to a variety of risk factors. There is risk from cyber-attacks—what is your company doing to protect its customer data? There is risk exposure from emerging technologies like social networking, cloud computing and mobile computing. Do you have the right people on the board that understand the complexities of new technology? Does your board need a member that is a CIO, CTO, social media expert, a C-level executive from a high technology company, or a young savvy executive that has developed and grown with emerging technologies? Unfortunately, there is no one executive that fits every situation among companies in various industries and complex structures. But, has your board identified the risk exposure and how to make sure the board is well advised in these areas?
Social media has never been more influential. All it takes is a few words over Twitter, a Facebook page denouncing corporate practices, blogs, or a viral video to rally support against a company. Every aspect of a company from executive pay, to political contributions and even the sustainability of products, are all potential targets for risk. Does your board have insight into public opinion that may exist over social media? If your board does not have that insight, you should. Between 2010 and 2011, Twitter’s tweets per day grew 252 percent—from 27 million per day to 95 million per day. Facebook will exceed over 1 billion active users this year. Boards need to try and consider all aspects of risk in order to avoid being targets or being caught off guard when risk does arise.
As with any issue, it is easy to address the risks that are obvious or anticipated. Shareholders, analysts and company employees expect accountability from a board. The real art is thinking ahead and trying to identify risks before they endanger the enterprise. There is no magic answer or safeguard. Boards need to stay current in order to safeguard the companies they have been elected to serve. A coordinated effort between the board, company management and trusted advisors is necessary to anticipate, deal with and get through any risk situation that might arise.