Airmic leading the risk culture, audit governance, cyber supply chain and standards debates with risk professionals

Airmic is hosting a number of roundtables in the coming weeks, focussed on three major issues: corporate culture, on which Airmic is collaborating with the Financial Reporting Council (FRC); restoring trust in audit and corporate governance (BEIS); and cyber security in supply chains (DCMS).

The overarching goal of Airmic in these discussions is to ensure that members of the risk profession are heard, and that Airmic, in its role as the association representing risk and insurance professionals, represents its membership as an effective voice of the profession.

“We find ourselves at a time of significant shifts and challenges, not least with the wide-ranging disruptions brought on by the pandemic,” says Hoe-Yeong Loke, research manager, Airmic.

“Besides fulfilling one of our roles as the voice of the risk profession, Airmic is facilitating these deliberations between our members, regulators, and the government on the key issues that will impact businesses as we all seek to recover from the tumult of the past year – issues ranging from cyber security in supply chains, to corporate governance and risk culture,” he adds.

Culture in the spotlight

The FRC collaboration on culture, seeks to support companies in establishing and promoting their desired culture more effectively and impactfully to succeed in the longer-term.

Members are invited to attend one or the other of two virtual roundtables, to be held on Wednesday, 30 June, 10.30am to 12.00pm, and on Friday, 9 July, 2.00 to 3.30pm, respectively.

The virtual roundtables will focus on four key questions:

• How do companies understand their culture?
• How are companies assessing, implementing and embedding, and monitoring their culture?
• What obstacles are companies encountering in promoting their desired corporate culture?
• What can companies struggling with promoting their desired culture do?

The output of the roundtables will culminate in a report and a toolkit to help companies integrate relevant matters and metrics into an overarching culture monitoring and embedding programmes.

The Covid-19 pandemic has also thrown corporate culture into the spotlight. The crisis raises questions as to the resilience and adaptivity of otherwise strong corporate cultures, Loke explains.

The project follows on from the FRC’s 2016 report, “Corporate Culture and the Role of Boards”. Since then, the FRC published the new UK Corporate Governance Code in 2018 which places a greater emphasis on culture.

“Furthermore, recent research has indicated that only around a half of companies  provided meaningful commentary on their culture in their most recent annual reports, while many companies made no mention at all of assessing, embedding or reviewing their culture,” Loke adds.

Audit and corporate governance

Airmic is holding two enterprise risk management pop-up Special Interest Groups (SIGs), on two pieces of UK government consultation, to which members are invited to attend.

These meetings will consider members’ views on the two pieces of government consultation and use them on a no-names basis, to contribute towards the Airmic response to the calls for views.

The first of these two online SIGs is on “Restoring trust in audit and corporate governance”, and will be held on Monday 28 June at 2.00 to 3.30pm.

The UK Department for Business, Energy & Industrial Strategy (BEIS) is seeking views on their white paper setting out proposals to strengthen the UK’s framework for major companies and the way they are audited.

The BEIS proposals set out how companies should report on their governance and finances; how reports should be audited audit; how the audit market should change; and how these should be overseen by a new regulator.

The full call for views, and the white paper can be read, here.

Cyber security in supply chains

The second of the two online SIGs, focuses on the issue of cyber security within organisations’ supply chains, and will be held on Friday 2 July at 2.00 to 3.30pm.

The UK Department for Digital, Culture, Media & Sport (DCMS) is calling for input to further understanding two aspects of supply chain cyber security.

Firstly, the DCMS wants to know how organisations across the market manage supply chain cyber risk and what additional government intervention would enable organisations to do this more effectively.

Secondly, the government department is consulting on the suitability of a proposed framework for Managed Service Provider security and how this framework could most appropriately be implemented to ensure adequate baseline security to manage the risks associated with Managed Service Providers.

The full call for views can be read, here.

Standards consultation

The British Standards Institution (BSi) is inviting comments on its revised BS31100 standard on risk management. The document gives recommendations for implementing the principles and guidelines in BS ISO 31000: 2018, including the risk management framework and process.

Airmic plan to submit comments and is encouraging members to contribute to this process, sending comments to Hoe-Yeong Loke, at the address below, no later than 14 July, in time for comments to be consolidated and submitted to BSi.

Suggested changes to the draft should include ideas for how issues can resolved. If individuals prefer, they can make comments via BSi’s Standards Development Portal, here.

When the consultation closes, BSi will circulate the finalised list of comments for discussion during BSi committee meetings in August.

Airmic has a very active ERM Special Interest Group (one of a number of special interest groups). Interested in joining this? Contact Hoe-Yeong Loke at hoeyeong.loke@airmic.com.