We all know that, in what I have described as “The Age of Acceleration”—where the only constants are change the speed at which it is increasing—to accommodate recent yet fundamental change, enterprises of all sizes are busy transforming, and relying heavily on technology to do so. But while business transformation has become the order of the day, it has also transformed the nature of risk management.

Reality is the world is becoming a much riskier place and tech has a lot to do with it, along with helping solve the problems it causes. Consulting powerhouse PwC, in fact, is out with its new assessment of how transformation has changing the way businesses must look at risk, and the findings contained in PwC USRisk in Review report entitled, "Global risk in the transformation age," are worth a download and review.

A bit of background on business transformation

Based on a survey of more than 800 executives and risk managers in businesses worldwide, PwC's report notes that more than two thirds of companies have undergone a major transformation in the past 18 months, and another 10 percent plan to do so over the next 18 to 24 months.

PwC says this is a global phenomenon, and in response to major shifts enterprises are building new business models, tapping into digital channels and expanding into new markets. More importantly, they are in the process rethinking how their supply chains and the location of their facilities fit into their globalization strategies.

"Continued recessionary pressures, global financial shocks, increased taxation and excessive government austerity are top-of-mind risks for board members and executives because of the serious impact they can have on businesses," said Dean Simone, leader of PwC's US Risk Assurance practice. "Changes in business direction have also exposed companies to new risks, and the interplay of market and business transformation is creating complex risk linkages that can be fragile and difficult to predict. This complexity requires businesses to rethink their approach by taking a holistic, multifunctional view of managing risk."

These changes are adding further complexity to the global risk management, and the survey revealed that well-positioned businesses are taking decisive steps to bolster their risk management techniques to focus around four strategic response categories: resilience, people, technology and next-generation risk analytics.

The overall risks ahead

The overall concerns are an interesting mix and worthy of brief mention. They include:

• A major global economic downturn, which is seen as the most serious risk over the next 18 months, and nearly two thirds of survey respondents cited such a downturn as being likely.
• Increased taxation in industrialized markets is near the top of concerns, which two thirds consider probable with serious consequences. Plus, about half view excessive government austerity measures as a threat as more nations move to reduce their heavy debt burdens.
• Close to 60 percent of executives say business transformation will make their companies more vulnerable to technology risks. The danger that major IT programs will fail to deliver expected benefits is the biggest specific risk cited by survey respondents.
• More than 40 percent of survey respondents say social media is likely to put them at risk in the next 18 months.
• Almost half of the survey respondents are concerned that entering new geographies because of further risks, particularly from regulatory compliance.
• More than 62 percent cite risks arising from organizational change and restructuring as a key hazard of business transformation, since reorganizations can go wrong or cause unexpected consequences.
• More than half cite the failures of new strategies and business ventures as key risks.

"In today's unpredictable environment, companies need techniques to anticipate unknown risks and structures that are resilient to risks when and where they occur," added Simone. "Businesses can use horizon scanning and early-warning systems to spot trends, and employ stress testing to identify key vulnerabilities. More flexible risk appetite statements, corporate-wide contingency planning and a risk-aware corporate culture that challenges conventional wisdom are all powerful tools that can help organizations better manage emerging risks."

The four major risk response categories

Risk in Review outlines four strategic response categories in which forward-looking businesses are bolstering their risk management techniques to address business transformation-driven risks:

• Resilience: Companies are pushing harder to build resilience to emerging risks. Over the next 18 months, more than half of responding companies will be applying horizon scanning, early-warning systems, scenario planning and flexible risk appetite statements.
• People: More companies are taking organizational measures such as developing risk-related performance incentives and conducting talent audits to identify skills gaps. PwC's survey respondents plan increases of 79 percent and 69 percent, respectively.
• Technology: To address growing risks from digital technology and social media, companies will nearly double their use of intellectual property, brand and reputation audits over the next 18 months and take measures to mitigate the risks that are uncovered.
• Next-generation risk analytics: Across industries, companies will draw on more sophisticated techniques to identify hidden patterns and risk linkages in large sets of data. The fastest growing tools will include integrated risk data warehouses (whose use is expected to double) and risk dashboards (whose use will increase by 50 percent).

Business transformation is a broad topic that includes not just changing technology, but processes, business models, supply chain logistics and a host of other relationships – as well as culture. As can seen from the above, they all involve risks, and are driving a new look at risk management as a result.

What stands out here, setting aside political and economic concerns, are the ones involving technology – a critical tool in transformation and its impact on risks as well as possible rewards if risks are managed correctly. What the report implies, given concerns over failed technology implementations and the risks of incorporating things like social media, is the transformation of the role of IT and the need for better analytics. 

The list is likely to not look that different this time next year, but how aggressively enterprises are responding should show up in changes in the responses. As a snapshot in time, however, the report is valuable, and as noted at the top, worth a download. And since metrics and best practices are always great to have, you might also wish to take a look at PwC's on-line benchmarking tool.  

Follow the instructions and see how your company stacks up.