The Shared Assessments Program today released a new briefing paper, The Role of ERM in Managing Risks Related to New Technologies. This collaborative, member-driven effort examines the challenges that come with significant technology shifts, such as IoT, AI, 5G and the encryption issues related to quantum computing.
Technology advances can fuel heightened productivity, important product development and enhance the ability to meet business objectives. Yet, along with these benefits, technology often introduces new risks. An incomplete understanding of those risks can lead to material consequences. The paper highlights the key role the board and C-suite should play in helping to recognize and respond to the risks that emerging technology presents.
”It’s important for Boards to ensure that a systemic process exists for recognizing and maximizing outcomes from new technologies. Executive management should evaluate whether appropriate structures and resources are in place to understand both opportunities and significant risks associated with emerging technologies, and where gaps exist, close them,” notes Gary Roboff, Senior Advisor at the Shared Assessments Program.
Key practices that should be implemented when planning and adopting new technologies include:
- Ensuring an effective, repeatable process to identify associated opportunities and risk management challenges.
- Making sure the right technology talent and skillset are in place or acquired.
- Configuring ERM structures to facilitate risk mitigation.
- Educate boards and executive management about the risks, especially AI and quantum computing.
Both internally and with third parties, the paper delves into challenges and opportunities of each of the four most significant emerging technologies. Appropriate actions include:
- IoT: Implementing a complete IoT-focused risk management regimen.
- 5G: Utilizing only trusted 5G technologies and equipment, providing continuous monitoring; tightening supply chain standards.
- Encryption Challenges related to Quantum Computing: Following development of post-quantum cryptography standards by NIST and preparing implementation strategies.
- AI: Developing a cross-disciplinary process to identify and manage associated risks.
“While specific emerging technologies each represent some level of risk, the interdependencies and cumulative effect of these technologies when integrated can present a significant increase in risk to an enterprise. A clear example is the current IoT environment, which will become a more powerful and capable technology once leveraging 5G and, in the process, yield a more formidable risk challenge for all organizations,” said Shawn Malone, Founder & CEO, Security Diligence, LLC.
The briefing paper and companion executive summary can be downloaded at: https://sharedassessments.org/blog/the-role-of-erm/.
About the Shared Assessments Program
As the only organization that has uniquely positioned and developed standardized resources to bring efficiencies to the market for more than a decade, the Shared Assessments Program has become the trusted source in third party risk assurance. Shared Assessments offers opportunities for members to address global risk management challenges through committees, awareness groups, interest groups and special projects.