Strategy & Value Management
- Broadening risk coverage as business model and digitization efforts evolve
- Integration and coordination across three lines of defense (e.g. common risk taxonomy)
- Getting to the right KPI to measure value for the business
- IA’s role in disruptive events (transactions, transformations, etc.)
Risks & Responses
- Ransomware incident response*
- ESG initial program assessment*
- System implementations
- IT resiliency
- Supply chain*
- Data governance and data management
- Supply chain digital risk
- Cost containment
- AI; Machine learning
- Cloud services and storage (e.g. data security, business continuity)
- Fraud risks
- Culture risk*
- Distributed workforce risk (e.g. tax implications)
- Automated governance*
Operational model
- Operating with increased agility, especially an agile risk assessment and plan
- Staying close to the business in a virtual environment
Modern workforce
- Need for more specialized or mature capabilities around data analytics and insights
- Upskilling IT and enterprise technology Acumen
- Overcoming talent drain and resource needs through hiring and retention
- Overall shift in skillsets needed given shifts in IA delivery model
Digital acceleration
- Data-driven enterprise risk assessment
- Focus on automation
- Continuous monitoring
- Stronger integration of second and third lines on common GRC technologies to improve alignment of processes and data across the audit, risk, and compliance technology ecosystem
- Process mining
Stakeholder engagement
- Resourcing needs across the organization
- Improving AC chair connectivity