According to Booz Allen Hamilton, to protect shareholder value, companies must link RM with strategic planning and avoid overreacting to regulatory compliance mandates, such as Sarbanes-Oxley
More shareholder value has been wiped out in the past five years as a result of mismanagement and bad execution of strategy than was lost because of all of the recent compliance scandals combined. Despite its reputation as a panacea for raising the bar on business governance, SOX is essentially a quality-control mechanism piggybacking on financial reporting systems.
In reacting to Sarbanes-Oxley with an exaggerated fear of risk exposure, many companies are tempted to reduce RM to an expensive “box-checking exercise”
in regulatory compliance.
However, to thrive in the current business environment, companies need to do much more: They must be proactive in addressing risk by understanding and anticipating the full range of threats to their businesses. And they must embed RM in strategic planning capabilities. Board directors and senior managers need to look beyond traditional risks — typically, capital credit and physical security — and anticipate earnings-driver risks and cultural risks, too.
Read more about the five RM imperatives
in this interesting article