A new National Association of Corporate Directors (NACD) report provides useful guidance to the governing board (and perhaps the audit committee) in exercising oversight of what NACD refers to as “disruptive risks.”
The rationale for the report is grounded in a recognition that business entities across industry sectors and corporate forms are confronting a “VUCA” operating environment (i.e., an environment characterized by volatility, uncertainty, complexity and ambiguity). It therefore becomes imperative for boards to support their organizations as they seek to assess what the report refers to as “disruptive risks,” i.e., risks that, whether internally or externally driven, could have a significant economic, operational and/or reputational impact on the organization.
The report provides a series of recommendations on how large organizations can best identify, assess and respond to these risks. The report classifies disruptive risks within the following categories: government agenda, societal volatility, technology advances, and hazards and accidents. While not all of the disruptive risks will be relevant to the US-centered health system, others most likely will be (e.g., radical regulatory change, corruption and legal discrimination, new technology-driven business models, technology implementation problems, cyberattacks, disaster).
This new NACD report should be a useful prompt to health system board efforts to provide effective oversight of risk. Systems with existing board/management-level risk management functions might compare those to the principles recommended in the report. The general counsel and chief compliance officer are well situated to support any such review and comparison.