Documente Academic
Documente Profesional
Documente Cultură
Objectives:
Analyze risk management environment evolution since 2008
Determine the level of maturity of risk management practices through the European companies
Illustrate the link between companies complexity & risk management maturity level
Understand the future of risk management and focus on risk appetite triggers
Highlight current insurance issues and expectations
1 September 2010
In collaboration with E
Q
Content 1. Risk management environment:
where do we stand and whats new ?
Introduction
key features: sample composition and
respondent profile
5. Insurance market:
developing expectations
key observations: how to read 2010 results
6. Conclusions
Introduction
Key features: sample composition and respondents profile
Key observations: how to read the 2010 results
An increasing number of respondents
800 782
700
4 September 2010
In collaboration with E
Q
A representative sample of European companies
Automotive - 3%
Financial services -
10%
Other - 23%
Consumer products - No
8% 48%
Yes
52%
Logistics - 6%
Energy / utilities -
13%
Tech/ Telecom - 7%
Euronext 52%
Services - 5%
Manufacturing -16%
US Market (s) 18%
Life sciences - 4%
Public Sector and
Other 45%
M&E - 2%
NGOs - 3%
5 September 2010
In collaboration with E
Q
A representative sample of European companies
A large array of companies:
6 September 2010
In collaboration with E
Q
A representative sample of European companies
Netherlands 8%
51 to 100 countries 13%
Switzerland 7%
Italy 5% 16 to 50 countries 29%
Sweden 5%
11 to 15 countries 7%
Other 5%
Belgium 4% 6 to 10 countries 10%
Denmark 4%
Spain 4% 1 to 5 countries 27%
Finland 2%
No opinion / Don't know 2%
Norway 2%
Poland 2% 0% 10% 20% 30%
Turkey 2%
USA 2%
Czech Republic 1%
Portugal 1%
Russia 1%
Bulgaria 0%
7 September 2010
In collaboration with E
Q
70% of the respondents are in charge of Risk
Management and/or Insurance
Basis: N=782
Risk Manager 32%
Other 18%
Head of Treasury 1%
President, Chairman 1%
8 September 2010
In collaboration with E
Q
1.
Risk management environment:
where do we stand and whats new ?
Introduction
Objectives
Focus on new regulations and standards since 2008
8th EU directive
ISO 31 000
Understand current risk management objectives and triggers
Change in shareholders risk management objectives since 2008
Risk management triggers at top management level
Methodology
Selection and in depth analysis of a sample of four relevant questions
extracted from the 2010 survey and comparison with 2008 results
(if applicable)
10 September 2010
In collaboration with E
Q
Focus (1/5)
Impact of the EU 8th directive on companies' Risk Management policy:
a very heterogeneous level of awareness among listed companies
40%
18%
11% 12%
8%
5%
3% 3%
The impacts of the EU 8th directive are still poorly assessed and understood by a large number of risk and insurance managers
40% of the listed companies respondents have no opinion or no idea regarding the impact of the EU 8th directive
12% considered that it is not applicable to their organization
11 September 2010
In collaboration with E
Q
Focus (2/5)
Risk Management framework standards of reference:
a growing but still limited risk management standard of reference
Other 7%
COSO 2 30%
None 47%
There is no leading risk management framework standard of reference and many European companies still do not refer to any standard
Several risk management framework standards are in use such as COSO 2 (30%) or Ferma/Airmic and National Risk Management Standards (23%)
whereas the reference to the ISO 31 000 standard remains an emerging practice (13%)
12 September 2010
In collaboration with E
Q
Focus (3/5)
Main external factors triggering Risk Management within your company:
legal, regulatory or compliance requirements considered as the main triggers (1/2)
39% Clear requirements from shareholders As in the 2008 study (see next page), compliance and legal
requirements remain the main external factors triggering
risk management within companies.
34% Corporate social responsibility
70%
Legal, regulatory or compliance requirements 71%
45%
Catastrophic event 63%
31%
Pressure from the market 31%
2010
39%
Clear requirements from shareholders 35%
2008
13%
Major increases in insurance premiums 26%
12%
Other 9%
Shareholders expectations clearly emerge as a major external factor triggering risk management compared
to the 2008 study
If compliance and legal requirements remain a major factor triggering risk management within companies (70%), risk management efficiency is more and more
becoming a clear expectation or concern for shareholders (from 35% to 39%) who want to ensure and improve the performance of their operations.
Similarly, catastrophic events (from 63% to 45%) and major increases in insurance premiums (from 26% to 13%) experience a significant decrease.
14 September 2010
In collaboration with E
Q
Focus (5/5)
Risk Management objectives for companies top management:
traditional expectations still on the top of the list but better link with strategic decisions
Risk management objectives remain conservative and focus on traditional missions but a will to better link risk management
and strategic decisions is clearly emerging
Traditional objectives remain on the top of the list: minimize operational surprises and losses (70%) and identify and manage cross enterprise risks (52%).
However, the survey revealed a growing will to better link risk management and strategic decisions, especially in Northern countries:
- In the UK, Belgium and the Netherlands, better align risk appetite and strategy is now a major objective for the top management for more than 50% of the respondents
- Also, link growth, risk and return has become a major objective for 36% of the European companies
15 September 2010
In collaboration with E
Q
2.
Maturity of risk management
practices at a glance
Introduction (1/2)
Objectives
Assess maturity level of risk management practices within european companies
Illustrate maturity level of risk management practices regarding three main risk topics:
Risk governance
Risk practices & tools
Risk communication
Seize the diversity of risk management practices
Methodology
Selection of 13 questions (see next slide) from the survey
Breakdown of these questions by risk management category:
Risk Governance - 5 questions
Risk practices & tools - 5 questions
Risk Communication - 3 questions
17 September 2010
In collaboration with E
Q
Introduction (2/2)
Risk communication
Q.1.6 : definition or communication of a formal risk management policy or charter
Q.1.11 : how is risk information perceived by the Board ?
Q.1.9 : disclosure of risks in external reporting (annual report, reference documents, etc)
18 September 2010
In collaboration with E
Q
Risk governance (1/5)
Mandate of the Board Audit and/or Risk Committee:
a limited scope and a mandate to be clarified
GRAPH CAPTION
% of answers
60%
Mandate of the board audit and/or risk committee:
44%
1) Monitor and ensure the compliance of risk management framework
40% with respect to standards and norms
The mandate assigned to the Board Audit and/or Risk Committee remains limited to specific areas (44%) or unclear (16%)
For 44% of the respondents, the mandate of the Board Audit and/or Risk Committee remains limited to only one of the three issues highlighted in the survey
(monitor and ensure compliance of risk management, challenge residual risk exposure and relevance of existing mitigations actions, or, challenge risk management
strategy).
Moreover, 16% of the respondents do not have a clear vision of the mandate assigned to the Board Audit and/or Risk Committee.
Conversely, the mandate of the Board Audit and/or Risk Committee appears appropriate (mandate extended to 2 or 3 of the topics highlighted by the survey)
for 40% of the respondents.
19 September 2010
In collaboration with E
Q
Risk governance (2/5)
Risk Management interaction with the boards: a close and regular relationship
GRAPH CAPTION
% of answers
Emerging Moderate Mature Advanced
60%
7%
0%
Emerging Moderate Mature Advanced Maturity
Risk Management activity is globally correctly embedded in reporting to the boards (78%) and risk management
topic is generally formally addressed by the board at least on an annual basis
Regarding this topic, the country of origin seems to keep a significant impact over the depth of the interaction between
risk management and the boards:
Countries with strong risk management legislation track record as the UK, France and Germany benefit from better interaction levels
(mature and advanced practices > 80%).
20 September 2010
In collaboration with E
Q
Risk governance (3/5)
Risk management reporting: a reporting at top management level but still rooms for improvement
GRAPH CAPTION
% of answers
20% 15%
0% Maturity
Emerging Moderate Mature/Advanced
Risk Management function globally reports at top management level (85%), but reporting at CFO level (35%),
still remains widespread among certain countries (Germany).
21 September 2010
In collaboration with E
Q
Risk governance (4/5)
Coordination with other risk functions: basic coordination in place but still incomplete
GRAPH CAPTION
% of answers
61%
Emerging Moderate / Mature Advanced
60%
Risks functions Some coordination exists between the different Full risks functions
(risk management, risks functions coordination/
internal audit, (including
40% controlling, insurance) in place
environment,
quality, )
23% are working
independently
20% 16%
0%
Emerging Moderate/Mature Advanced Maturity
The different risk functions are no longer working in silos, however their level of coordination remains limited
A minimum set of coordination of the different risk functions is now largely widespread (61%). However, if the different risk functions do not work in silos any more
(only 14%), a full coordination of the different risk functions (including insurance) appears more as a best practice (23%) than a usual standard.
22 September 2010
In collaboration with E
Q
Risk governance (5/5)
Risk management system independent assurance: a role of the Internal Audit still in debate
GRAPH CAPTION
% of answers
Emerging Moderate / Mature Advanced
25%
20%
0%
Emerging Moderate/Mature Advanced Maturity
Internal Audit is globally involved in the process of providing an independent assurance over the quality/efficiency of the risk
management system but its role regarding this topic still remains unclear
Internal audit is fully or partially involved in the risk management system assessment for 61% of the respondents.
But, for more than a third of the respondents (39%), the Internal Audit is still considered as not involved in this process (29%), or as dealing with an unclear role role
regarding this topic (10%).
23 September 2010
In collaboration with E
Q
Risk practices & tools (1/6)
Risk management scope of intervention:
a broader scope of intervention but still too limited in some major activities (1/2)
GRAPH CAPTION
% of answers
60%
The following actions are part of your risk management activities:
1) Enterprise Risk Management coordination
2) Risks and controls identification and quantification
40%
32% 3) Operational risk management practices continuous improvement drive
29%
25% 4) Risk financing solutions definition and implementation
5) Risk management policy and standards compliance audit
20%
14% 6) Risk reporting and information systems operations
A move towards maturity (43% of the companies) but still rooms for improvement (see next slide)
24 September 2010
In collaboration with E
Q
Risk practices & tools (2/6)
Risk management scope of intervention:
an increasing number of activities covered since 2008 (2/2)
100%
80% 72%
55% 57%
60% 51%
49% 49%
42% 43% 42%
38% 35%
40% 34%
20%
0%
Coordinated enterprise Identify and quantify risks Drive continuous Define and implement Audit compliance with Operate risk reporting
risk management and controls improvement of risk financing solutions risk management policy and information system
operational risk and standards
2008 2010 management practices
The number of activities covered by the risk management function are increasing but remain limited for some major topics
72% of the companies identify and quantify their risks and controls, however, only 43% of the companies deal with more than 4 of the above listed activities.
More specifically, two topics still remain poorly covered by the risk management function:
25 September 2010
In collaboration with E
Q
Risk practices & tools (3/6)
Risk mapping exercise: a standard within European companies
GRAPH CAPTION
% of answers
60% Emerging Moderate Mature Advanced
60%
No risk mapping Partial approach Approach in place Approach in place
approach in place yet in place (certain at global corporate from Corporate level
6%
0%
Emerging Moderate Mature Advanced Maturity
Risk mapping exercise can now be considered as a risk management standard within European companies
77% of the companies perform a risk mapping exercise at Global (60%) or Corporate (17%) levels.
26 September 2010
In collaboration with E
Q
Risk practices & tools (4/6)
Risks assessment and quantification:
basic assessment methodology in place but advanced quantification tools still poorly used
GRAPH CAPTION
% of answers
60% The main risk measurement approaches are:
1) Risk assessment workshop
42% 41% 2) Internal or external databases (incident, losses)
40%
3) Scenario simulation models
4) Value at risk simulation models (Monte Carlo, others)
5) Stochastic aggregation models of B.U / level risks mapping
20%
12%
5%
Risks assessment workshop is now a widespread practice among European companies but advanced quantification
tools are still poorly used
Risk assessment workshops are now used by more than three quarters of the European companies (88%).
However, advanced quantification is still poorly used among major European countries (UK, Germany, France, Spain):
Stochastic aggregation models of B.U / level risks mapping used by less than 25% of the companies
Value at risk simulation models used by less than 25% of the companies , except for Germany (38%)
27 September 2010
In collaboration with E
Q
Risk practices & tools (5/6)
Decision making process: risk analysis and major Corporate decisions still partly disconnected
GRAPH CAPTION
7% 6) Budget decisions
0% Maturity
Emerging Moderate Mature Advanced Emerging: risk analysis and decision making are linked for 0 or 1 criteria
Moderate: risk analysis and decision making are linked for 2 or 3 criteria
Mature: risk analysis and decision making are linked for 4 or 5 criteria
Advanced: risk analysis and decision making are linked for the 6 criteria
65% of the companies do not systematically perform a risk analysis (emerging and moderate levels) prior to major Corporate decisions.
Conversely, more than a third of the studied companies (35%) perform a risk analysis prior to most of their major Corporate decisions.
28 September 2010
In collaboration with E
Q
Risk practices & tools (6/6)
Risk Management and Internal Audit functions:
a growing relationship but still too limited synergies
GRAPH CAPTION
% of answers
Emerging Moderate Mature Advanced
60%
No particular Mutual reporting - Coordination and Very close
relationship between coordination./ cooperation on the relationship between
40% 36% Risk Management cooperation on a audit plan the two functions
and Internal Audit limited basis
27%
functions and/or
20%
20% 17% separate reporting
lines
0%
Emerging Moderate Mature Advanced Maturity
A minimum level of coordination between the two functions is now in place for most of the European companies
A minimum level of coordination between Risk Management and Internal Audit functions is now in place for 64% of the respondents.
However, there is still no particular relationship between the 2 functions for more than a third of the respondents (36%) which remains quite high.
29 September 2010
In collaboration with E
Q
Risk communication (1/3)
Risk management role and activities: a clear definition through risk management policies or charters
GRAPH CAPTION
% of answers 62%
60%
Emerging Moderate / Mature Advanced
40%
No risk A risk management policy is currently being A formal risk
management policy prepared Management policy
or charter has been or charter has been
17% 21% defined defined and
20%
communicated
0%
Emerging Moderate/Mature Advanced Maturity
100%
% of answers
Yes The role of risk management is now clearly defined, or in the
process of being defined in most of the European companies
No, but it is currently being
80% prepared
83% of the respondents have defined (64%) or are currently in the process
62% No
of defining (19%) a Risk Management policy or charter.
60%
48% No opinion / Don't know
This practice is now widespread among both listed and not listed companies
40% and a significant improvement can be observed since 2008 (from 48% in 2008
30% to 62% in 2010).
18% 21% 17%
20%
4% 1%
0%
Year
2008 2010
30 September 2010
In collaboration with E
Q
Risk communication (2/3)
Board use and perception of risk information: a regular use and a growing interest
GRAPH CAPTION
% of answers
Emerging Moderate Mature Advanced
60%
Boards have a regular use and a growing interest for risk information
Risk management is now completely embedded in board decision making process (28%) or the topic of risk management dealt at least on an annual basis (30%)
for 58% of the respondents.
Moreover, risk information can also be asked on an as needed basis for 19% of the respondents.
Conversely, for 23% of the respondents, risk management/information mainly remains considered as a pure compliance requirement (13%) or is not really
taken into account by the Board (10%).
31 September 2010
In collaboration with E
Q
Risk communication (3/3)
External risk communication: a large array of practices
GRAPH CAPTION
% of answers
0%
Emerging Moderate Mature Advanced Maturity
Risks external reporting remains very diverse from one company to another and deal with a large array of practices
50% of the companies (mature and advanced practices) communicate at least about major specific risks faced by the companies, whereas an other 50%,
still deal with a very limited level of external communication (24%), if not minimal or inexistent communication (26%).
32 September 2010
In collaboration with E
Q
Synthesis: results per category and level of maturity
Companys breakdown per category and level of maturity
Mandate of the board audit and/or risk committee 16% 44% 18% 22%
33 September 2010
In collaboration with E
Q
3. Impact of company complexity on risk
management : focus on risk appetite triggers
Introduction (1/2)
Objective
Illustrate the correlation between the level of complexity of a company
and its risk management practices maturity.
Methodology
Assessment of the level of complexity of the studied companies based on four criteria:
Listed or not listed companies
Number of employees: between 0 and 4 999; between 5 000 and 24 999; between 25 000 and 49 999; more than 50 000
Number of countries of operations: between 1 to 10 countries; between 11 to 50 countries; > 51 countries
Sector of activity complexity: low (other); moderate (Media and entertainment, Automotive, Services, Transportation /
Logistics, Other industry / Manufacturing); high (Energy/Utilities, Consumer products, Technology/Telecommunications,
Government service/Welfare organization); very high (Banks, Financial institutions, Asset management and Insurance,
Pharmaceuticals/Life sciences)
35 September 2010
In collaboration with E
Q
Impact of company complexity on risk management
practices maturity level
The impact of company complexity on risk management practices is clear but some weaknesses
appear to be shared and widespread amongst all companies
36 September 2010
In collaboration with E
Q
4.
The future of risk management:
focus on risk appetite triggers
Introduction
Objectives
1st objective:
Classify risk significance and define risk appetite for 23 generic risks
Understand the impact of company complexity on risk appetite
2nd objective:
Seize the respective impacts of compliance and shareholders expectations triggers on risk management maturity
Illustrate these impacts with respect to companies risk management level of maturity
Methodology
1st objective:
The respondents were required to classify risk significance and define risk appetite for 23 generic risk areas
identified in the four most important areas of their organization:
Strategic & governance
External risks
Operational risks
Compliance and ethics
Based on their responses, companies were then classified into four risk appetite
categories
2nd objective:
Analyze the respondents responses regarding risk management maturity triggers: mainly compliance,
both compliance and shareholders expectations, mainly shareholders expectations
38 September 2010
In collaboration with E
Q
Risk Appetite per risk category
39 September 2010
In collaboration with E
Q
Risk management maturity triggers
Risk management maturity is no longer a pure compliance mirror effect, especially for complex
companies, but a true shareholder expectation
40 September 2010
In collaboration with E
Q
5. Insurance market: developing expectations
Insurance is seen as remaining good value
What changes have you made to your insurance programmes or will you consider
as a result of the financial crisis?
Basis: N=451
(Multiple choice)
42 September 2010
In collaboration with E
Q
Good degree of satisfaction regarding
insurers network, knowledge and expertise
Do you feel that traditional insurance markets are able to adapt to the needs of your company with regard to?
Basis: N=451
43 September 2010
In collaboration with E
Q
A need for more relevant offering
Basis: N=151
(Multiple choice)
44 September 2010
In collaboration with E
Q
Interdependancy and emerging risks:
progress to be made
Do you think that insurers have a sufficient level of expertise with respect of:
Basis: N=451
45 September 2010
In collaboration with E
Q
European insurance services are generally
broker-provided
Basis: N=451
43% see an internal team as the best
form of claims management (versus
29% in 2008).
46 September 2010
In collaboration with E
Q
Risk engineering: a good balance of roles
According to you, which partners offer you best Risk engineering services
with respect to the following areas?
Basis: N=451
Except for:
Health and Safety: internal teams
predominate!
Insurers are seen best partners
for fire safety and prevention (32%),
as historically.
Brokers seen the best partner
on public and product liability (35%).
47 September 2010
In collaboration with E
Q
Respondents recognise Risk engineering
as a separate and valuable service
Do you (are you prepared to) pay a separate fee for those Risk engineering Services?
Basis: N=451
48 September 2010
In collaboration with E
Q
Broker transparency progressing but still not perfect
Basis: N=451
In 2010:
u Yes answers went to 55%
from 30% in 2008
u Dont know replies dropped
to 2% from 14% in 2008; insureds
have more awareness
49 September 2010
In collaboration with E
Q
Future uncertainties keep respondents awake
Identify the 3 top issues that most concern you about the insurance market:
50 September 2010
In collaboration with E
Q
Insurers required to be more innovative
Basis: N=451
(Multiple choice)
51 September 2010
In collaboration with E
Q
Contract certainty: disappointed results
Basis: N=451
52 September 2010
In collaboration with E
Q
Timely issuing of documents should
be a differentiating issue among insurers.
On average, at last renewal, when were your policy documents issued versus the policy inception date?
Basis: N=451
53 September 2010
In collaboration with E
Q
Good ratings for international programmes
International programmes: how would you rate the insurance compagnies on the following topics?
54 September 2010
In collaboration with E
Q
Snapshot on captives
Does your company own one or more captive insurance or reinsurance company(ies)?
55 September 2010
In collaboration with E
Q
6. Conclusions
Conclusions (1/2)
Risk management
The risk management environment is evolving towards more regulations and standards which should
play a structuring role and severely impact risk management practices in the coming years
(8th EU directive, ISO 31000 standard). However, the survey results show that currently the level of awareness
regarding these new regulations and standards still remains very heterogeneous.
Risk management is now on top management, boards and shareholders agenda which clearly support
and sponsor the function in its traditional objectives as well as in its new ambitions. However, if risk
management now appears better known and valued at top management level, its role as well as its level
of coordination with other risks functions, must be clarified and supported by the top management.
A trend towards more consistent risk practices and tools takes shape through a broader scope
of intervention and a convergence of risks practices and tools (risk mapping exercise). However, in spite
of this consistency trend, risk management approach remains more qualitative than quantitative.
A more mature internal communication on risk is emerging through the definition of risk management
policies or charters within most of the European companies and a deeper involvement in board decision
making process. However, contrary to internal communication, external ones continues to deal
with a large array of communication practices.
Furthermore, the survey also reveals that companys complexity has a clear impact on risk
management practices maturity and that companies risk appetite relies more on risk category
than on risk importance assessment.
57 September 2010
In collaboration with E
Q
Conclusions (2/2)
Insurance
In general, clients are reasonably satisfied with insurance prices, and they are now looking for insurers
to differentiate themselves through both innovation and services. There is, however, real concern about
the possibility of a hard market and the potential impact of Solvency II on insurance capacity and pricing.
The responses show a good degree of satisfaction with insurers networks, knowledge and expertise.
Respondents are confident that their insurers can support them as their businesses develop and expand
into new territories.
As far as innovation is concerned, clients would like insurers to do more to help them manage new and
emerging risks, particularly what are today uninsurable risks.
With regard to services, the results show that respondents want more sharing of claims data and
benchmarking by insurers. Information and management of premium-related cash flows could also be
improved.
Broker transparency remains an issue. Though improving, clients find it is not yet good enough. Similarly,
the timely production of documents is still a weak point for some insurers.
Finally, it is noticeable that the number of dont know responses has fallen substantially from previous
surveys. This suggests that respondents have increased oversight of the insurance programme.
The requirements of the job have certainly grown, perhaps at least in part due to the financial crisis and greater
risk awareness.
In summary, the 2010 benchmarking survey shows that respondents believe insurers offer them good
services at reasonable prices today with developing expectations for the future.
58 September 2010
In collaboration with E
Q
Appendices
Country 0.1 In which country is the head office of your
company's parent company located?
Basis: N=782 Basis: N=782
0.2 Within your organization, are you part of the: 0.3 What is your primary position?
60 September 2010
In collaboration with E
Q
0.4.1 Among the following areas of responsibilities, 0.5 How do you believe that the recent financial and
please indicate the areas of responsibilities you are directly economic crisis has influenced the standing of the profession?
in charge of: Basis: N=782 Basis: N=782
(Multiple choice)
0.4.2 Within your direct areas of responsibilities, please 0.6 What is your company's main sector of activity?
indicate the areas of risks you directly deal with:
Basis Resp
Basis: N=782
61 September 2010
In collaboration with E
Q
0.7.1 Your company's turnover: 0.7.2 Number of employees:
0.8.2 If yes, please indicate which market(s)? 0.9 Number of countries in which your company operates
either for production or distribution purposes:
Basis: N=782 Basis: N=782
62 September 2010
In collaboration with E
Q
0.10 Is your company or are you a member of one
of the following Risk Management association?
Basis: N=782
(Multiple choice)
63 September 2010
In collaboration with E
Q
1.1 To whom does Risk Management report and by whom 1.2 How has the link between Risk Management and your
is it sponsored? Board of Directors / Supervisory Board / Audit Committee
been set up within your company? Basis: N=379
Basis: N=379
1.3 What is the mandate of the board Audit 1.4 What type of risk exposure is included within
and/or Risk Committee(s)? your company Risk Management approach?
Basis: N=379 Basis: N=379
(Multiple choice)
64 September 2010
In collaboration with E
Q
1.4bis Please identify the most important 5 risks areas for your organization:
Basis: N=379
(Multiple choice)
External
Operational
65 September 2010
In collaboration with E
Q
1.5 What level of risk acceptability has your organization defined (by risk categories)?
Basis: N=379
66 September 2010
In collaboration with E
Q
1.6 Has your company defined and communicated a formal Risk 1.7 According to you, what are the main external factors
Management policy or charter (i.e. an internal document triggering Risk Management within your company?
specifying mandatory requirements)? Basis: N=379 Basis: N=379
(Multiple choice)
1.8 According to you, what are the main objectives of your 1.9 To what extent does your company disclose its risks
companys top management with respect to Risk Management? within the scope of its external reporting
Basis: N=379 (annual report, reference documents, etc.)? Basis: N=379
67 September 2010
In collaboration with E
Q
1.10 To what extent is the EU 8th directive 1.11 How is risk information currently
(if applicable to your organization) impacting your companys perceived and used by your Board?
Risk Management policy? Basis: N=379 Basis: N=379
1.12 In your organization, to what extent are the various risk 1.13 Is your internal audit department providing
functions (Risk Management, internal audit, controlling, independent assurance over your overall
environment, quality,) coordinated? Basis: N=379 risk management system? Basis: N=379
68 September 2010
In collaboration with E
Q
2.1 Is Which of the following potential organizations 2.2 What type of relationship is there between
most closely describes that of your company? Risk Management and Internal Audit functions?
Basis: N=433 Basis: N=433
2.3 In your company, at corporate and division levels, how 2.4 To what extent do you cooperate with the following
many Full-Time Equivalents are working for the Risk functions / departments (from 1 = no relationship to 4 very
Management and Insurance Management Basis: N=433 close integration): Basis: N=433
functions (at head office)?
69 September 2010
In collaboration with E
Q
2.5 As part of your Risk Management activities, which of the 2.6 To what extent does your company map its risks
following actions are already embedded or planned? (identification, description, and prioritization):
Basis: N=433 Basis: N=433
2.7 In order to measure / quantify your risks, 2.8 Is your Risk Management framework explicitly
what kind of approaches do you use? referring to any of the following?
Basis: N=433 Basis: N=379
(Multiple choice) (Multiple choice)
70 September 2010
In collaboration with E
Q
2.9 Is risk analysis formally and systematically linked to 2.10 In terms of being recognized as a professional
decision making in the following? risk manager, in the next five years, do you think that
Basis: N=433 risk managers should have: Basis: N=433
71 September 2010
In collaboration with E
Q
Contacts
Contacts
FERMA Federation of European Risk Management Associations (Bruxelles)
Florence Bindelle, Executive Manager
Tl. +32 2 761 94 32 - Email : info@ferma.eu
www.ferma.eu
73 September 2010
In collaboration with E
Q