A worryingly large percentage of non-executive directors still need to step up their focus on risk management, according to new research just undertaken by the Chartered Institute of Internal Auditors*. Nearly a third (32%) of Heads of Internal Audit said that their Non-Executive Directors' scrutiny of risk management was inadequate.
Heads of Internal Audit are responsible for providing an independent opinion to the company's board on how the organisation's risk management and governance is working.
The research findings highlight a number of problems that company boards still need to address:
Dr Ian Peters, Chief Executive of the Chartered Institute of Internal Auditors, said:
"Boards' scrutiny of risk management still needs to become more robust. This must be the number one lesson from the financial crisis."
"Although our survey shows that the importance and quality of Non- Executive Directors has improved over the last five years, it is clear that Non-Executive Directors still need to become much more questioning and hands-on in their approach to risk management if they are to meet the needs of the company and the expectations of investors."
The Chartered Institute of Internal Auditors' research also identified two major barriers to Non- Executive Directors gaining a proper understanding of their company's risks.
Firstly, most NEDs have access to a limited range of information on key company issues, and are not sufficiently exposed to alternatives to the executive's views. 66% of Heads of Internal Audit reported that their company NEDs are wholly or very dependent on the business's executive management for the information they receive.
Secondly, this may in turn be limiting their understanding of a company's operational risks, such as health and safety or supply chain issues. While 93% of Heads of Internal Audit rated their NEDs' understanding of strategic issues, such as M&A activity, as good or very good, 28% of Heads of Internal Audit reported that their NEDs had only an average or poor understanding of the company's operational risks.
Dr Ian Peters commented: "One way of addressing this is to ensure that Non-Executive Directors are taking full advantage of the resources that the Internal Audit team can provide to ensure that they are sufficiently 'under the skin' of the business to provide the level of insight required."
The survey also identified that many businesses need to take steps to improve the understanding of risk company-wide: 71% of Heads of Internal Audit said that there was substantial scope for improving the understanding of risk within their organisation.
*141 Heads of Internal Audit in private sector organisations responded to a survey by the Chartered Institute of Internal Auditors on the part Non-Executive Directors in their organisations play in identifying and managing risk. 66% of the companies surveyed had an annual turnover of over £200 million, with 36% exceeding £1billion in annual revenues. 19% had a turnover of over £50 million.
For the complete summary analysis please read here.
ENDS