The survey indicates that only 6.2 per cent of organisations have formalised risk appetite statements that were documented in policies and procedures, supported by thresholds that establish parameters for specific risks.
Publicly listed and unlisted, and not-for-profit organisations have the highest level of maturity, while federal, state and local governments - as well as private organisations - have a lower overall maturity level. All findings are based off a survey of 356 AICD members.
Marita Corbett, Partner in Risk Advisory at BDO Australia said “In an age where disruptive forces - particularly technology - can no longer be ignored, organisations need to have the capacity to change and experiment. And that means they have to take on some risk.”