Document Type

Article

Publication Date

4-1-2019

Publication Source

Internal Auditor

Abstract

Only a few decades ago, the onset of problematic risk events often was slow, and organizations handled the corresponding aftermath over a manageable time frame. Organizations armed with extensive public relations resources responded to most postevent crises after planning and analyzing thoughtful responses. Additionally, organizations carefully calculated their transparency with stakeholders regarding the event to manage its impact on the organization. Fast forward to today, and the pace of information is almost instantaneous. For example, when a popular U.S. fast food restaurant chain experienced an outbreak of E. coli-infected lettuce, its stock price decreased 44 percent within 90 days amid intensive social media and news exposure. Recent privacy concerns directed at various social media companies caused stock valuations to drop within minutes and led to immediate calls for government investigations. Disclosure of inappropriate sales arrangements by a large U.S. financial institution caused a significant upheaval, including important personnel changes. In today’s environment, the timing between a catastrophic risk-driven crisis and the financial and reputational decline for an organization can be practically simultaneous. This new reality has forced senior executives and internal auditors to consider a new aspect of risk management—the velocity of risk.

Inclusive pages

20-21

ISBN/ISSN

0020-5745

Comments

The document available for download is the published version, provided in compliance with the publisher's copyright policy. Permission documentation is on file.

Publisher

Institute of Internal Auditors

Volume

76

Issue

2


Share

COinS