Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

Get updates on Compliance Week offerings, including new features, databases, research, and other resources, along with announcements of upcoming Webcasts, conferences, seminars, CPE/CLE opportunities and more.

Published every Thursday, Compliance Week Europe offers a condensed summary of risk, audit, and compliance news either originating in Europe, or of special interest to European compliance professionals. This newsletter will follow developments by the European Commission, as well as those of national governments across the region, or any U.S.-based news that might have consequence across the Atlantic. Frequency: weekly; Thursday a.m.

A fresh edition of Compliance Week delivered via e-mail and online every Tuesday morning, relentlessly focused on the disclosure, reporting and compliance requirements of our 25,000+ paying subscribers.

Published every Friday, Compliance Weekend was launched at the behest of subscribers, and offers a quick Plain English review of the week's key developments. We hope you enjoy this supplement to Compliance Week's Tuesday edition.

Contingency Planning Tops Audit Hot Spots for 2013

Tammy Whitehouse | November 2, 2012

Volatility is becoming the new normal in Corporate America, and the devastating effects of Hurricane Sandy provide a reminder of the importance of being prepared for practically anything.

Contingency planning -- or preparing for the most catastrophic risks that could strike, like a hurricane -- is a high priority for chief audit executives heading into 2013, according to a recent report from CEB. Formerly known as the Corporate Executive Board, CEB published its report, titled 2013 Audit Plan Hot Spots, before Hurricane Sandy struck, but the contents might prove to be good catch-up reading in the aftermath of the storm.

According to CEB's poll of 100 or so audit executives, 47 percent acknowledged deficiencies in their current processes with respect to contingency planning, said Friso Van Der Oord, senior director at CEB. “It's a surprisingly large number in the survey,” he says, giving auditors good reason to think about what they need to do to be better prepared to handle the next “black swan risk” that might arise.

The CEB report says companies should recognize that business volatility should not be seen as an emerging risk, but instead as an accepted norm. It should inspire audit executives to take a closer look at a company's readiness to handle macroeconomic crises, catastrophic system failures, and massive data breaches. CAEs should think about stress-testing the company's ability to handle worst-case scenarios and evaluate the effectiveness of the company's crisis response mechanisms, CEB says.

Second on CEB's “top 10” list is strategy creation and execution, followed by bribery and corruption risk. Under strategy, CEB says 80 percent of companies report growth as their top priority, but many companies are challenged in determining where to invest for the best return in increasingly uncertain markets. Instead of showing confidence in their own strategic objectives and assumptions, companies are relying on analysis of mega-trends and scenario planning, the report says. “We've determined that two-thirds of corporate incidents causing drops in market value of 50 percent or more are the result of corporate strategy failures,” says Van Der Oord. “It's the wrong strategy in the marketplace. With heightened economic uncertainty, those bets are increasingly difficult to place.”

Rounding out the top 10 hot spots, CEB says companies should focus in 2013 more closely on on tax management, basic operating controls, project management, third-party relationships, talent management, tone in the middle of the organization, and reputation risk.