AuditBoard Survey: 81% of Audit and Risk Professionals Believe Risk Will Be Unpredictable In 2021

Results Highlight Gaps in Risk Management Programs; Dynamic Risk Landscape; Permanent Shift to Remote Work

LOS ANGELES--()--AuditBoard, a leading cloud-based software platform transforming the way enterprises manage critical audit, risk, and compliance work, today released new survey data which reveals that a majority of audit and risk professionals believe the risk environment will continue to be dynamic and unpredictable in 2021, rather than returning to more stable pre-pandemic conditions. The top risk they cited for the coming year was of "economic conditions impacting growth,” followed closely by “cybersecurity threats.” The responses also illustrate the long-term changes audit and risk professionals will experience in their roles as a result of the pandemic, and how crucial those individuals will be in helping organizations overcome risk challenges despite gaps in enterprise risk management (ERM) programs.

The findings come from a series of surveys conducted at AuditBoard’s recent Audit & Beyond virtual conference, which was attended by more than 5,000 audit, risk, and compliance practitioners. Attendees were surveyed on the difficulties organizations face as a result of the pandemic, and the ways in which making audit and risk management a core part of business strategy can help limit future risk. Their responses* illustrate the dynamic challenges enterprises face as a result of the pandemic, and how crucial audit, risk, and compliance functions will be in overcoming these difficulties.

A Permanent Shift to Remote Work

One of the biggest challenges the COVID-19 pandemic has created for audit, risk, and compliance professionals is the sudden shift to remote work. Performing audit and risk management tasks in a remote environment is a significant challenge without the aid of modern, collaborative technology. Recent Institute of Internal Auditors (IIA) polls suggest roughly three-quarters of audit teams are without a modern audit technology solution today. However, when asked by AuditBoard about the future of work, nearly two-thirds (59%) of respondents said they expect their team will work remotely for all or part of the workweek once quarantines lift. 7.5% said they expect their team will work 100% remote on a permanent basis. This shift to remote work presents a major operational challenge for audit, risk, and compliance teams.

"Conditions this year have changed drastically due to the pandemic, and audit, risk, and compliance organizations have had to act quickly to adapt to the dynamic risk environment while maintaining operational continuity,” said John Reese, SVP of Marketing, AuditBoard. “AuditBoard survey responses overwhelmingly showcase how quickly the workplace mindset is shifting, and how important modern audit, risk, and compliance technology has become to support a more remote and connected future.”

Businesses Face Dynamic Risk Environment

During the executive keynote presentation at Audit & Beyond, attendees were asked questions about the risks their businesses face as a result of the pandemic and looking forward. Responses reveal an evolving risk landscape with a variety of different business priorities.

  • More than eight in ten (81%) of respondents said "risk will continue to be dynamic and unpredictable" in 2021 and beyond.
  • When asked what they see as the most pressing risk facing their businesses in 2021, 27.6% of respondents said, "economic conditions impacting growth," more than one-quarter (27%) said, "cybersecurity threats," and 12.8% said "business continuity and crisis response."

"Audit and risk professionals expect the 2021 business risk environment to be unpredictable," continued Reese. "Specifically, they are most concerned with the potential risk of economic conditions, cybersecurity threats, and business continuity as their organizations are faced with a fast-changing external environment. Technology like AuditBoard will be a crucial enabler as organizations strive to understand and manage these risks at scale, and stay a step ahead."

Amid Changing Strategies, Risk Management Programs Often Lacking

The pandemic has shifted risk management strategies for most organizations, but many organizations still lack a mature Enterprise Risk Management (ERM) program. COSO defines ERM as the strategies that organizations rely on to manage risk in creating, preserving, and realizing value.

  • 79.5% have either made moderate changes (43.1%), redirected strategy in certain areas (29.3%), or made significant broad-ranging changes (7.1%) to their risk management program since the start of the pandemic.
  • Despite these measures for managing the changing risk landscape, just 16.1% reported having a "robust ERM program" that impacts daily decision making and internal audit planning.

Audit Teams Becoming a Core Part of Business Response to Risk

Responses from survey questions directed specifically at audit attendees show how auditors are becoming an increasingly relied-upon asset for organizations as they navigate these risks.

  • More than half (55%) replied that they agree or strongly agree that internal audit teams are involved with discussions of risk and potential responses to the crisis.
  • The same sample of respondents was also asked how COVID-19 will change communications between audit teams and the rest of the organization. Close to half (44%) said that communications with audit committees will increase moving forward.
  • In a separate conference session, 84.3% of respondents replied that they are somewhat or very likely to expand risk assessment to new areas or processes and add new controls to mitigate additional risks as a result of the pandemic.

Full survey results are available here.

*Audit & Beyond conference attendees were presented with different sets of survey questions at select conference sessions. As a result, the sample size of respondents varies from question to question. Sample sizes for all response sets provided in this release range from 700 to 2,100 respondents.

About AuditBoard

AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. Its integrated suite of easy-to-use audit, risk, and compliance solutions streamlines internal audit, SOX compliance, controls management, risk management, and security compliance. AuditBoard’s clients range from prominent pre-IPO to Fortune 50 companies looking to modernize, simplify, and elevate their functions. AuditBoard is the top-rated audit management software on G2, and was recently ranked as the third fastest-growing technology company in North America by Deloitte. For more information:


Scott Garner


Scott Garner