Risk and Compliance Strategies in 2022
Ransomware and supplychain attacks have become more systematic. Organisations need to develep robust risk resilience frameworks that are planned and tested. Therefore, a more holistic approach is recommended.
Environmental, social and governance (ESG) issues and cybersecurity are areas which carry greater weight than before. Insurance companies have responded accordingly and have become more stringent at underwriting these risks. The common understanding is the importance of implementing effective programs adressing cybersecurity and ESG concerns preemtively. Companies which fail to keep up risk being deemed ‘uninsurable’ because of poor cyberhygine and ESG missteps. Companies are also being held to account from their customers, employees and investors adding to the urgency.
Insurance companies have gone a step ahead and linked the strength of a company’s ESG and cybersecurity program to an indicator of its riskiness. This has meant among other things a greater role for ESG and cybersecurity disclosures.
RISK AND COMPLIANCE AS CHANGE ENABLERS
Companies are being called upon to act responsibly and ethically for a postive and progressive impact on society. A robust risk management program encompassing organisational resiliency, cyber compliance and ESG best practices is helping companies up their reputation, market position and attractiveness to customers and employees.
Given this scenario, management should view risk and compliance as business enabling areas helpful in identifying and creating strategic opportunities. They should strive to evidence that leadership is setting the appropriate tone by weaving risk, resilience and compliance into their core values.
RESILIENCE TAKES THE CENTRE STAGE
Proactive decision making has taken precedence over plain firefighting when disruptions arise. The year 2022 is about managers creating smarter and more resilient ecosystems from the lesson learnt over the past few years. Company culture grabs the spotlight, even more than the cause, at times of an incident as reputational risks have amplified.
Organisational resilience is therefore a continuing and dynamic goal that has entrenched itself deeply in any organisations’ priorties and purpose making.
