Companies underestimate risks of digital transformation

Swiss companies have recognized the importance of digitization and its opportunities. But they still underestimate the risks of digital transformation projects. A positive aspect is the realization that not only technology risks are seen, but also risks from the strategic and cultural environment.

ERM Report, Digital Transformation
The figure shows the "Digital Risk Framework".

 

Companies have identified the initial risks of digital transformation, but their comprehensive analysis and assessment is still in its infancy. This is the conclusion of a study conducted by the Institute of Financial Services Zug IFZ of the Lucerne University of Applied Sciences and Arts together with SwissERM. "Strategic opportunities always include risks, and this is just as true in the context of digital transformation," says study leader Stefan Hunziker, "There is a danger that companies underestimate digital transformation risks."

In the ERM Report 2018, the authors conducted an extensive practice survey to find out how local companies assess digitization drivers, how highly they rate digital transformation risks, and whether they are prepared to manage them. The results are based on the assessments of 238 executives. This enabled an in-depth analysis of the perception and assessment of digital transformation risks by company size and industry affiliation.

"Digital Risk Framework" as a guiding framework

IFZ and its cooperation partner first developed the "Digital Risk Framework" (see figure above), which was reviewed by experts and members of SwissERM. It provides a tool to identify the risks of digital transformation by relating financial risks, operational risks, compliance risks, and customer risks (pillars) to digitization drivers (left side) that may force companies to adapt to new realities. The framework includes risks such as deep profitability of the digitized business model, dependence on external (IT) service providers, theft of financial resources through cybercrime or loss of reputation on social media channels.

Majority affected, differentiated risk perception

More than three quarters of the participating companies expect their industry to change as a result of digitization in the next three years. Around 45% expect their business model to change, accompanied by a transformation process. However, only one in five companies expects digitization to generate new market players, primarily companies from the energy supply, financial services and technology sectors.

36% of the companies assess the risks of digital transformation as high or very high. On the positive side, 56.3% rate their own risk response as appropriate. Progressive risk management takes place in particular at companies with 1000 or more employees (67.2%). However, only one-third of the participants state that their employees are well or very well aware of their own company's objectives with regard to digital transformation.

Barriers with significant risk potential

Barriers frequently arise in change processes, which can develop into significant risks depending on their severity. In the case of digital transformation, two barriers come to the fore - higher priorities/tasks (43.6 %) and a lack of digital culture (40.7%) - the causes of which lie in the strategic and cultural environment of a company. Obsolete IT systems were also cited comparatively frequently as a barrier by 38.2 % of the participants in the practice survey.

On a positive note, a lack of employee motivation (8.8%) and a lack of willingness to take risks (14.7 %) are mentioned relatively rarely. On average, each company identifies four implementation barriers. To avoid negative consequences from the outset, it is advisable to initiate precautions against the barriers often mentioned. Formulating a digital strategy, appointing a digital officer, and involving and training employees comprehensively at an early stage can be important levers.

Operational transformation risks most relevant

In the practice survey, 32 digital transformation risks from the "Digital Risk Framework" were focused on and assessed by the participants. With the exception of the risk "failure of the (IT) operating infrastructure", all risks were assessed as having a financial impact of no more than "medium". Also in terms of risk occurrence in the next three years, no risk has a probability of "high" or "virtually certain". This result suggests that many companies have already initiated measures. The extent to which these risks can be controlled is assessed more differently, with around half of the risks being "partly" or "mostly" controllable.

The companies rate financial risks as the least relevant. Operational risks, on the other hand, have the highest relevance. Compliance risks and customer risks show a middle tendency (see figure below). This suggests that the consequences of the digital transformation are still complex and difficult to assess. Companies must therefore regularly analyze and monitor all risks and establish targeted measures.

The ERM Report 2018 "Risks of Digital Transformation in Swiss Companies" can be downloaded free of charge here.

ERM Report, Digital Transformation
Assessment of digital transformation risks by risk category.

 

(Visited 84 times, 1 visits today)
h2> More articles on the topic

SECURITY NEWS

Bleiben Sie informiert über aktuelle Sicherheitsthemen – praxisnah und zuverlässig. Erhalten Sie exklusive Inhalte direkt in Ihren Posteingang. Verpassen Sie keine Updates.

Jetzt anmelden!
anmelden
You can unsubscribe at any time!
close-link