Today, managing risk is riskier than ever.

Enterprises are facing an array of reputational, environmental, regulatory, and societal forces. To navigate this complex landscape, the C-suite should seek to embrace risk as an enabler of value and fundamentally transform their approach.

KPMG’s global survey of 400 executives reveals that their top priorities for the next few years are adapting to new risk types and adopting advanced analytics and AI. As organizations align risk management with strategic objectives, closer collaboration across the enterprise will be essential.

Key themes and statistics

 Girl Thinking While Writing

The C-suite must become the R-suite.

Risk is the business of every member of the C-suite, and CROs should spread risk ownership across the organization, working with business leaders to build risk into their strategy and make it part of their everyday thinking.

61% of executives surveyed inside and outside the risk function expect to see a significant increase in the level of risk they will be responsible for in the next 3-5 years.


 Man Posing with A Tablet

Risk as a value creator across the business

Key decisions by the risk function should begin and end by answering the question: how will this next step add value to the business? Such an approach can help transform risk from the “department of ’no’” to a service that consistently creates value–inspiring everyone across the organization to incorporate risk into their everyday decision-making.

66% of CEOs and COOs and 57% of CROs and Risk Managers point to a need for cross-functional task forces, collaboration, and communication.


Man Woman Discussing in Hallway

Integrate and connect risk into business decision-making

Decisions affecting one office or department can have a ripple effect on all the others, and this applies to risk, too. This means that risk management should be effectively embedded in decision-making throughout the organization, ideally as part of an “ERP for risk” system.

65% of C-suite executives — and 71% of CROs and Risk Managers — say that the integration of systems, domains, and processes can significantly enhance the effectiveness of risk-related decision-making.


 Man Thinking with Laptop

Leverage digital acceleration and data analytics

New technology can help risk professionals to manage change better–although it also brings fresh risks like cybersecurity and AI bias. As organizations digitize and embrace AI, they should be seeking to gain trust in its application, preferable via fewer platforms that use common data.

98% of executives in our survey say digital acceleration has improved their organization's approach to risk, particularly in the fields of identification, monitoring and mitigation.


People Discussing Around the Table

Leverage digital acceleration and data analytics

New technology can help risk professionals to manage change better–although it also brings fresh risks like cybersecurity and AI bias. As organizations digitize and embrace AI, they should be seeking to gain trust in its application, preferable via fewer platforms that use common data.

45% of C-suite executives prioritize optimizing cybersecurity, while 36% of CROs and Risk Managers are focusing on improving IT risk management and integrating data analytics and predictive modeling.



Five steps towards transforming risk management

Establish a risk vision

To foster a risk-aware culture, conduct a workshop with key stakeholders to discuss key threats, setting a vision, objectives and guiding principles to align the executive team for the transformation. 

Develop an enterprise-wide risk management strategy

The risk strategy — which should align directly with the organization's strategic goals — outlines key risk areas and integrates risk management into business processes.

Develop a communication plan

This plan should set out the objectives of risk management transformation, along with appropriate communication channels, to gain support across the C-suite and throughout the organization.

Identify risk management skills and plan to fill any gaps

A risk management mentorship program can stimulate interest in training and explain how risk impacts people in their daily jobs.

Create a data quality improvement plan

The aim is to enhance the accuracy, timeliness and completeness of risk management data by assessing and improving data governance, collection, storage and analysis.


Download PDF

Future of risk

Building a trusted risk function to succeed in a riskier world..



Download PDF (4.3 MB) ⤓




How KPMG can help


Get in touch

Connect with us