This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.
The full functionality of our site is not supported on your browser version, or you may have 'compatibility mode' selected. Please turn off compatibility mode, upgrade your browser to at least Internet Explorer 9, or try using another browser such as Google Chrome or Mozilla Firefox.

CFO Insights — Extended enterprise risk: Managing exposure beyond the organization

Published on: Oct 18, 2018

A large global organization may have tens of thousands of suppliers, accounting for up to 80 percent of organizational cost. It may also have a number of partnerships, alliances, and other business relationships with external parties, all of which have suppliers, partnerships, and alliances of their own. Indeed, in today’s digitally interconnected world, business ecosystems are growing bigger and more complex than ever before — and while this drives a great deal of value, it also inevitably gives rise to extended enterprise risks stemming from external parties’ actions.

Virtually every aspect of an organization is vulnerable to extended enterprise risk, and as organizations continue to evolve toward more complex ecosystems, these risks will likely only grow. Yet, while this is widely acknowledged, extended enterprise risk management (EERM) practices have remained relatively immature. At too many organizations, EERM processes fail to adequately consider extended enterprise risks — which not only exposes an organization to harm, but, worse, may even blind them to the possibility that harm could arise.

Why this failure? Partly, it’s because of the sheer difficulty of monitoring and managing the myriad of value-creating activities that take place outside one’s own legal control. However, the whole explanation isn’t simply that EERM is difficult. It’s also because many management teams and boards have yet to reset their concept of the “front line of defense” to include suppliers, customers, and others in the organization’s broader system of stakeholders.

The good news is that the pragmatic difficulties of managing extended enterprise risk are lessening, thanks to new technological and organizational approaches that can reduce the necessary investments and establish clear accountability for executing EERM activities.

This issue describes three important areas of innovation — emerging technologies, cooperative relationships, and organization and governance models — that leading companies are pursuing to reset the front line of defense.

Download

Related Topics

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.