The road to recovery is paved with risks and companies need to ramp up their risk management and control frameworks to match the surge in business activity, says Cathy Blunt, vice resident of the Institute of Internal Auditors (IIA).
According to Blunt, signs that the economy is coming out of the recent slump should warn companies to plug the gaps left by the downturn and sharpen their focus on new and emerging risks arising from business growth.
She has provided the following risk management tips for business to ensure the road to recovery is not “paved with risks.”
• Ensure the internal audit function is appropriately resourced to identify weaknesses in organisational controls left by the downturn and emerging risks posed by the recovery.
• Identify key gaps in organisational controls by reviewing high-risk areas based on risk indicators such as business unit size, prior results, reports of fraud or missed budgets.
• Seek regular input from coalface business managers to help build a picture of the company’s emerging risks. As the economy recovers, these risks could include funding and staffing to capitalise on growth, fraud, the viability of the supply chain, distribution channels and customer base.
• Ensure executive management, the board and Audit Committee are regularly updated on the top emerging risks so they can be properly addressed.
• Engage the internal audit function on any capital or investment projects early so that project risks can be assessed and understood at the outset and managed appropriately.