Navigating and auditing in the perfect storm of high-impact interlocking risks.
In 2022, organisations were hit by a perfect storm of high-impact, interlocking risks that have thrown businesses into a permanent state of crisis. Following hard on the heels of the pandemic, the war in Ukraine has intensified supply chain failures, caused a spike in energy prices and fuelled inflation.
Now a state of crisis is the new normality. Climate-related natural disasters, looming recession, an accelerating cost of living catastrophe in Europe, food shortages, employee welfare and skills deficits,
and a rapidly industrialising cyberattack landscape are overlaid by intensifying geopolitical tensions and the very real threat of financial liquidity and solvency risks for businesses.
This has forced many organisations not just to rewrite their risk registers, but to tear up outdated risk taxonomies that favour old-style siloed thinking. Sudden, systemic organisation-wide risks with contagious, unpredictable ramifications throughout the enterprise are no longer seen as Black
Swan events – but as interlocking elements of a continuous storm.
Internal auditors need to get a rapid grip on this situation and support their organisations to navigate more risky, uncertain and volatile times ahead. Instead of thinking about what individual risks might arise over the next year or two, chief audit executives need to be thinking over the coming decade. And be thinking big. How would we survive an overnight, permanent supply chain break with China?
How would we cope if inflation hit 25% and stayed there, as it did in the 1970s? Are we prepared for the sudden, permanent increase in temperatures in every area in which we operate? Are we in a position to understand and help our clients and staff with the stresses and strains they face over the coming months and years?
The chief audit executives that participated in Risk in Focus 2023 are grappling with this reality. This year, the report explores five thematic risks – geopolitical uncertainty, climate change, organisational
culture, cyber and data risk, and digitalisation and artificial intelligence.
It outlines those challenges in detail and offers practical advice and know how about how to help organisations adjust to this new reality.
There are few obvious, easy answers to these problems. But internal auditors are uniquely placed to play their part in developing long-term solutions that have a real impact on organisations and the communities they serve. They need to secure from the board the resources and remit to tackle the most pressing risks with urgency.