The New Riskonomy

The Riskonomy Radar

Benchmarking organisational technology risk exposure

Using business leaders’ responses to a number of benchmarking data points from our research, our Riskonomy Radar reveals an organisation’s exposure to technology risk, mapping it to one of three ranges:

Prioritise &
invest

Indicates high exposure to tech risk, suggesting businesses will be vulnerable if they do not urgently prioritise and invest in their tech-risk management.

Revisit &
improve

Indicates moderate levels of tech-risk exposure – it’s recommended that businesses revisit their strategy and improve current practices.

Continue &
monitor

Indicates low levels of tech-risk exposure and suggests businesses can maintain current practices and monitor for any changes.

The data is used to assess technology risk exposure across different areas: the business itself, its operational network and the macro environment.

Internal tech risks

originate from operational processes and systems. This research focuses on data management practices (for example, having a designated team for data management), ungoverned use of generative AI, and a lack of relevant skills in employees.

Network tech risks

emerge when suppliers and partners fail to manage their own risk – exposing the primary organisation by association, connection or dependency. However, these risks (and their impact) can be limited through supplier risk assessment, implementing robust supply chain practices and managing resource scarcity.

Macro tech risks

involve external factors that are beyond an organisation’s control and can impact operational strategy and response – for example, regulation, geopolitics and cyber-attacks.

Overall Riskonomy Radar ratings

When combining the scores from all three key areas of exposure, our Riskonomy Radar indicates that

only 9% of organisations are exposed to low levels of risk

and can maintain and monitor their current risk management practices with no pressing cause for alarm.

The vast majority (91%) of businesses are exposed to moderate or high levels of tech risk and are vulnerable without further focus on investment into their risk management strategies.

Riskonomy Radar ranges:

11%

High
risk range

80%

Moderate
risk range

9%

Low
risk range

By cross-examining business leaders’ responses to individual risk factors and the patterns of their responses relating to each source of risk, this report analyses the organisations’ preparedness in more detail.