I was just reading the March 2009 Report on the Current State of Enterprise Risk Oversight conducted by by the Faculty in the ERM Initiative at North Carolina State University. The complete report can be found here:
It’s filled with lots of stats and can be summed up by this line from the report: “Despite the growing trends towards adopting a more holistic approach to risk oversight, not all organizations are modifying their procedures for identifying, assessing, managing, and communicating risk information to key stakeholders.”
(What are you waiting for!?)
Most people would submit that the Enron and WorldCom frauds led to Sarbanes-Oxley, but sadly, I don’t think people are aware that the 2008-2009 economic crisis was caused by poor risk management oversight. Alas, risk practitioners, soon we will have our day.