Woman walking the fine line

How boards can enhance resiliency through effective risk oversight

This webcast will explore today’s risk landscape, the importance of organizational resiliency, and how boards can anticipate, prepare for and respond to a changing risk environment.

Join the EY Center for Board Matters on Wednesday, May 24, 2023, at 3:00 p.m. (ET) for another episode in our webcast series, Better Questions for Boards, designed to provide directors with insights and questions to consider as they engage with management on a variety of complex boardroom issues.

Is your organization focused on the right risks and do you know which ones are most probable and likely to have the largest impact? Hear a discussion about how boards are thinking about “gray rhino” risks in today’s climate and the importance of staying resilient in an uncertain environment. The webcast agenda will highlight findings from the forthcoming EY Global Board Risk survey and address:

  • Identifying priority risks, including those that will have the most impact on their companies in the next year
  • The role of resiliency in creating a future-proof company of the future
  • How boards can enable organizational resiliency through risk oversight

This 60-minute webcast will be moderated by Kris Pederson, EY Americas Leader, Center for Board Matters. Panelists will include:

  • Mike Millegan, Board member, Portland General Electric Company, Wireless Telecom Group, Axis Capital Holdings
  • Steve Richard, Chief Risk Officer and Chief Audit Executive Officer, Becton, Dickinson and Company; Board Member, Anika Therapeutics
  • Kapish Vanvaria, EY Americas Risk Markets Leader, Ernst & Young LLP

Key takeaways

  • Pivot how you are thinking about risk from “black swans” to “gray rhinos.” This can help companies think more proactively and put more processes in place. You can never predict which gray rhino will come at you, but if you look at it as a black swan you won’t prepare at all.
  • Rather than trying to codify every risk, focus on resiliency. Resilient companies that can pivot their business and adjust and respond to events outside their control will survive and thrive – and boards will play an essential role in enabling that resiliency.
  • Agree on the risks that really matter today and address gaps in how boards and management teams perceive risk. The forthcoming EY risk survey reveals that CEOs rank their companies’ resiliency higher than boards do, and 61% of board members told us they aren’t aligned with their fellow directors on the material risks that will have a significant impact on the organization in the next 12 months.
  • Go beyond third-party risks to consider fourth-, fifth- and sixth-party risks as well. As supply chain challenges continue and are compounded by regulatory and policy developments globally, companies need to understand risks across their full global ecosystem.
  • Recognize the new challenges and opportunities presented by emerging technologies, and be rigorous in making related investment choices. It is important to clarify the business case as well as potential unintended consequences and take ethical responsibility. Consider what the “must-haves” are to stay on strategy and stay competitive, and recognize that older systems that are key to the company’s operations may need further investment to stay fit for purpose.
  • Use external data as a bias buster, and challenge management on the use of technology to “sense” emerging and evolving risks. Horizon-scanning and risk-sensing capabilities that leverage artificial intelligence and advanced analytics can enable companies to potentially turn risks in the business environment to opportunities. Bringing in external data, including from other sectors, can also help challenge internal bias.
  • Oversee a consistent framework for deciding when and how the company will address sociopolitical issues. Leading companies seek to fully understand the areas that matter most to their stakeholders and are more cautious about responding in a way that could create a backlash. If these companies do decide to act, there’s a robust process in place to guide and support them. Understand that certain stakeholders, including the workforce of the future, care deeply about these matters and want to see companies follow through on their commitments.
  • Encourage and oversee the integration of risk management into strategy setting. While management is more focused on the day to day, boards can be looking ahead and asking about the impacts to the business. It is one thing to have risk profiles and risk assessments, but they have to be integrated into strategy, and that is where the board comes in.
  • Keep in mind that human limitations pose an additional challenge in risk oversight. Risk assessments require leaders to understand the nature of risks, the effectiveness of controls, and the likelihood and impact of a risk event. However, subject-matter bias, groupthink and other aspects of human nature can present limitations in assessing and overseeing risk.
  • Engage regularly with the executives who own material risks, and challenge the risk culture of the organization. While it depends on the company and its specific circumstances, the benchmark for the board engaging with the chief risk officer is quarterly. When it comes to risk culture, the tone is set from the top, but boards need to validate how deeply the risk culture is resonating through the culture of the organization down to the first line of defense. 

What we heard from the audience



CPE credits: 1.2


your local time