Embrace technology disruption and manage risks at speed

People walking
  • Blog
  • 6 minute read

Our Global Risk Survey finds tech fueling new views on enterprise risk management

Disruptive technologies are creating both an appetite for risk and new opportunities to navigate risk. Generative artificial intelligence (GenAI), cloud foundational models and other technologies are rapidly and deeply permeating organizations, creating both exciting possibilities and new risks.

The speed at which organizations are adopting these technologies requires close attention to the legal, ethical, cyber and regulatory risks they can introduce. Yet many organizations are still scaling up their risk management response. Just 51% of Canadian respondents (57% globally) to our Global Risk Survey say preparing for technology investments triggers a review of their organization’s risk landscape. 

This can limit an organization’s ability to create value from transformative technologies. Separate PwC research illustrates the importance of keeping a dual focus on AI risks and opportunities—a principle that also applies to other disruptive technologies. For example, 62% of Canadian respondents (52% globally) to our Global Digital Trust Insights survey say GenAI will lead to catastrophic cyber attacks in the next 12 months. At the same time, 80% (77% globally) say GenAI will help their organization develop new lines of business within the next three years.

We’re seeing leading risk management professionals respond by changing the way their organizations see risk. They're using advanced data and analytics tools, instilling resilience into technology investments and aligning risk mitigation strategies even closer to corporate strategy. And they recognize the importance of refreshing their enterprise risk management practices, including assessing the guardrails they have, need or must enhance to make sure they’re using GenAI responsibly and have the controls in place to mitigate risks. 

This helps demystify new technologies and lets organizations deploy advanced capabilities with greater speed and confidence—creating the opportunity to gain a first-mover advantage over competitors.

A human-led, tech-powered approach to building trust amid disruption

Risk professionals who take a human-led and tech-powered approach to managing risk can provide timely input into technology investment decisions and accelerate value-creation opportunities.

Applying the following principles can enhance trust in how your organization uses emerging technologies and turn risk into an enabler of change, growth and resilience.

Many companies want to make better use of data and technology to manage risk. But most Canadian organizations are in the early stages of their journey. Just 13% of Canadian respondents (10% globally) to our Global Risk Survey say they have advanced and predictive risk management capabilities that use cutting-edge technology and data. Further, only 17% (15% globally) say digital risk management tools help them develop processes and controls to responsibly embrace emerging technologies.

Sophisticated governance, risk and compliance (GRC) tools give organizations greater insights into their key risk indicators by helping to detect, act on and monitor erroneous activities. This is particularly important as technology investments introduce new cyber risks. Organizations can use GRC tools to scan their attack surface, map critical digital assets and reveal potential vulnerabilities, misconfigurations and areas of exposure.

Making resilience part of your technology strategy up front, and throughout the implementation lifecycle, helps organizations take a prudent and timely approach to risk management. Yet 42% of our Canadian survey respondents (47% globally) don’t invest in technology to drive resilience and manage risk as part of their enterprise-wide technology strategy.

Early identification and mitigation help de-risk technology investments. This also helps compliance and risk management functions better understand the approach of IT, finance and the business, helping to define revised responsibility matrices and an overall risk management strategy.  

This holistic approach helps foster resilience, build trust and deliver sustained outcomes. Bringing together cross-disciplinary teams helps develop the right risk and controls programs when implementing new technologies. This lets organizations build automation, resilience and risk mitigation features into new systems. It also reduces manual intervention, creating measurable efficiency gains and systems resilient by design.

In recent years, we’ve seen greater convergence in conversations about corporate strategy, risk and resilience. Many organizations map risks to strategic objectives and establish key performance indicators to proactively evaluate their capabilities and resilience.

But only 34% of Canadian respondents (32% globally) to our survey strongly agree that their organization uses purpose and vision for the future to make decisions about risk. Furthermore, these decisions are often reactions to incidents. 

Yet we’re seeing promising signs. Many risk professionals are pinpointing emerging risks that could prevent their organization from executing its strategy, building resilience and delivering on critical product and operational commitments. They’re also communicating the implications to the owners of those risks and the associated controls. And they’re evaluating the level of assurance and confidence around those risks and controls.

Take the hypothetical case of a retailer developing a GenAI-powered chatbot to enhance its customer service capabilities by providing product recommendations. The risk function can flag emerging compliance risks and help their organization establish policies that align with existing AI and GenAI frameworks, guidelines and draft and final regulations, as well as data privacy rules surrounding the use of information consumers share with the chatbot. 

The agile and rapid development of GenAI-powered solutions and other emerging technologies makes it crucial to involve the risk function at various stages of the technology lifecycle. Deploying these solutions with risk mitigation and resilience in mind can build trust in how their company creates value from disruptive technologies.

Moving from threats to opportunities

Our survey shows most organizations are still scaling up the human-led processes and technology-powered tools needed to manage the risks and capture the value of disruptive technologies.

This means the opportunity for early advantage is still available to those bold enough to move quickly and balance risks with the rewards of embracing emerging technology at speed. 

Change the way you see risk

Reach out to discuss how you can turn risk into an enabler of change, growth and resilience.

Follow PwC Canada

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Contact us

Rolandi Treska

Rolandi Treska

Partner, National Enterprise Systems and Data Trust Leader and GRC Technology Leader, PwC Canada

Tel: +1 647 834 5025

Peter Hargitai

Peter Hargitai

National Digital Risk Solutions Leader and Americas Cloud Risk Capabilities Leader, PwC Canada

Tel: +1 416 941 8464

Mark Barboza

Mark Barboza

Director, Operational Resilience, PwC Canada

Hide