Reputational Risk Draws Increased Board Awareness, But Not Action

In its fifth annual board of directors survey, “Concerns About Risks Confronting Boards,” EisnerAmper surveyed directors serving on the boards of more than 250 publicly traded, private, not-for-profit, and private equity-owned companies to find out what is being discussed in American boardrooms and, in turn, what those boards are accomplishing as a result.

According to the report, reputation remains the top concern across a range of industries:

Most Important Risks

“The financial cost and damage to reputation from a cyber/privacy breach is growing exponentially,” said Nancy Brady, EisnerAmper’s director of IT risk services. “Directors have recognized the increasing risk companies face related to cyber/data security. Now they need to roll up their sleeves and, with the companies, address these risks.”

While reputational risk remained the top concern of respondents, the survey found that companies are not necessarily translating awareness into action. In fact, only 31% said they were concerned about crisis management.

“There were a surprising amount—close to a quarter of respondents—who had no plans, and others just informally ‘doing their best.’ This lack of formality to address the most significant risk identified existed across all organizations,” the report said. “When plans existed, they included both everyday operations—such as to keep a positive reputation and reduce the risk—and strategies to address a crisis affecting reputation.”

Despite the minimal plans in place, the directors surveyed seem to hold themselves and other company executives primarily responsible for the response to a reputational crisis. When asked who is responsible for executing such a plan, they reported:

responding to reputational risk crises

Respondents also showed improving confidence in the performance of the board, committees, external auditors and accounting departments.

How well is board addressing risks

Click here for the full report from EisnerAmper.