Corporate reputation is fragile and businesses are highly vulnerable to anything that challenges or damages it.  Most businesses appreciate the benefits that are derived from having a strong, positive reputation and the perception their product holds as a valued commodity retaining loyal customer trust. Reputational damage can be tricky to measure and is difficult to realize financially until an incident occurs which can undermine an organization’s reputation to its very core.

Reputational risk is defined as a loss resulting from damages to an organization’s reputation in terms of lost revenue or diminished share price.  Reputational risk can be a matter of corporate trust, but frequently serves also as a tool in crisis prevention by focusing attention on handling threats to reputation once a situation occurs.

Crisis management is not risk management and is a reactive approach to damage limitation through an event which has already happened.Hard-to-assess, intangible reputational assets such as corporate reputation, goodwill and brand integrity maybe difficult to quantify, however according to a recent study conducted amongst 230 board directors, it was reported that after financial risk, reputational risk appears to be the biggest concern for board directors:

  • 73 % of board directors said reputation risk is their biggest risk after financial risk (+19% on the previous year comparative study)
  • Regulatory and compliance risk was ranked as a concern by 56% of respondents – 20% behind reputational risk.
  • More than 60% of respondents stated that internal audit departments were helpful in identifying risk. The percentage rose to 73% for directors on public boards.
  • Directors reported that their boards were doing Very Well or Well Enough in identifying risk through Regular Board and Committee Meetings (90%), External Auditors (84%), Accounting Departments (80%) and Risk Management Insurance Providers (67%).

The study also highlighted figures for implementing a comprehensive enterprise risk management program which showed:

  • 33% have a comprehensive program and it is fully implemented
  • 27% have a program but it is not comprehensive
  • 14% have a program but it has not been adequately implemented

Reputational risk is a culmination of factors which can include regulatory legislation; financial/governance standards and IT & operational risk.  Managing reputational risk must begin by having a clear and unified understanding of what type of risk poses greatest threats and potential damage to a corporate reputation.  Companies should know the most common type of threats and take reasonable measures to prevent them through technology and internal policy controls.

Data security breach has gained considerable momentum and adverse public attention in recent years as the incidence of data exposures increases in notoriety.  The reputational damage arising from a serious data breach can be significant and poses vast financial, legal, and reputational risks to business.  There’s no doubt, that high profile data breaches by both the private and government sectors have contributed to the impetus to proposed mandatory data breach notification laws and legislation.

Recognizing the risks presented by data security breaches and managing them proactively before an event occurs is critical to protecting and enhancing good corporate reputational standards.  Data threats can be averted and controlled through monitoring and efficient responsive reaction to vulnerabilities as they arise.  Automated data discovery audits provide an ongoing surveillance and management methodology of data environments, helping organizations to manage reputational risk and ensure that compliance standards are met through reliable and ongoing risk assessment. Author: Gerard Curtin, CEO, PixAlert Article Sources: Compliance Week Date: 27 August 2013

Comments are closed.