The work-from-home phenomenon also contributed new wrinkles to talent management risks, as it has fundamentally changed how organizations and workers view the employment contract. As the report notes:
"New ways of working and organising personnel were already underway in recent years, with a trend towards more flexible working arrangements and greater autonomy as generational attitudes to work shifted. By forcing remote working almost instantaneously, the pandemic accelerated that gradual evolution.
Among the other major business trends fast-tracked by the health crisis is the competitive advantage afforded to companies with exemplary digital capabilities, heightening pressure on competitors to raise their game. This will mean hiring from an already highly competitive digital talent pool. Meanwhile, social equality and diversity issues were at the centre of public debate in 2020, which has brought companies' ethics, staffing policies and racial and gender representation into sharper focus than ever."
The complexity of this risk and its intersecting impacts on strategic priorities, such as digital transformation, disruptive innovation, and diversity, will make it particularly perplexing moving forward.
The pandemic's calamitous impact on the global economy boosted concern about financial, capital, and liquidity risks to near the top of the list. The number of audit leaders who listed it as a top-five risk jumped from 30% in 2020 to 42% in 2021 — the largest increase of any of the risks examined. This promises to continue to be a particularly thorny issue as economic instability and the distinct possibility of global recession threaten the financial viability of many organizations.
While not as dramatic, climate change and environmental sustainability also saw a sharp increase, with the number of respondents rating it as a top-five risk growing from 14% in 2020 to 22% in 2021. Only 8% of CAEs saw it as a top-five risk in 2019.
Another powerful insight provided by ECIIA's Risk in Focus 2021 is how top-five risks relate to where internal audit is focusing its efforts. The data points to some potential trouble spots. While internal audit spends considerable time focused on the top two risks — cyber and data security and regulatory change and compliance — it also spends significant time on corporate governance and reporting as well as bribery, fraud and other financial crime.