Board & Senior Management 2022-23 Priorities – Risks and Challenges Ahead

By Lawrence Baye, CMC, CISA and Mark Bednarz, CISA, CFA

If you believe that the last two years have been difficult, in all likelihood, 2022-2023 will prove to be just as challenging. Boards and Senior Management will continue to navigate through the pandemic and prepare for the possible emergence of additional virus variants that might again delay an organization’s return to a pre-pandemic state. From a global perspective, disputes between superpowers and regional conflicts create tensions at a time when the world economy is so interdependent. And, finally, we know that innovation driven by technology advances will require companies to adapt in order to thrive in an environment where new competitors emerge.

While there is no crystal ball that indicates exactly what challenges and risks lie ahead, there are 13 issues that will likely require Board and Senior Management attention.

Strategy and Governance

  1. Sustainability, Clean/Green Energy and Climate Change – The world is now living with the consequences of carbon emissions and past environmental practices that have polluted the water and air, increased the frequency and severity of floods, hurricanes, droughts and forest fires, introduced vector-based parasites that harm plants and animals, raised temperatures and sea levels and contributed to various health conditions such as the incidence of asthma and certain cancers. Going forward, good corporate citizenship requires each organization to demonstrate a commitment to sustainability and measurable progress toward minimizing their carbon footprint. Investors, customers, donors, the media, regulators and other stakeholders are closely watching the actions of those leaders charged with governance.

  2. Compliance with Changing Laws and Regulations – When it comes to governmental regulations, little remains static. At the federal level, Congress and the executive branch are considering tightening data privacy protections, limiting the use of fossil fuels and how wastewater is disposed and enacting other laws and regulations. Meanwhile, state and local governments are seeking ways to generate additional revenues, while adjusting existing zoning ordinances and building requirements and issuing new licensing rules.. If an organization does not keep abreast of these changes and know which ones apply to them, they will be ill-prepared to remain compliant and Boards and Senior Management may face fines, penalties and operating restrictions that negatively impact reputation.

  3. Board Oversight of Senior Management – Boards have a fiduciary responsibility to ensure the financial health of an organization, ensure sound governance practices are in place, approve and support the strategy or mission and evaluate the performance of Senior Management. Since leaders of today were not alive during the smallpox pandemic and few may recall how businesses dealt with high inflation in the 1970s, the Board may want to act cautiously and set realistic expectations until conditions improve. Also, the Board should perform a pulse check to ensure that the organization’s tone-at-the-top and governance practices are appropriate; far too many organizations have been damaged in recent years by executive misbehavior, code of conduct violations and other highly publicized issues that impact reputations.

  4. Geopolitical Instability – Escalating tensions between the United States and other countries we trade with and/or depend on may result in foreign government imposing tariffs and tax levies, reducing the supply of product available for export (and driving up prices) or cutting back on their purchase of United States goods and services. In addition, they may choose to investigate the operating practices of companies doing business overseas and even assume ownership of the entity. Boards and Senior Management that have an overseas presence or rely on foreign providers should determine whether they have any exposure and think through their response to any situation that may jeopardize that relationship.


  1. Organizational Resilience, Continuity and Crisis Management – Over the past few years, the United States has experienced numerous natural disasters and man-made accidents, instances of civil unrest, increasing criminal activity and active shooter threats. These events tend to occur with little or no warning. When organizations are forced to activate their Emergency Management, Business Continuity, Information Technology Disaster Recovery and Crisis Management functions, they are unable to act as a cohesive unit because the planning was often siloed in different divisions or departments. Boards should be made aware of the organization’s readiness to deal with a broad range of situations that might occur and understand the level of preparation, training, testing and mitigation measures that are designed to minimize damage, quantify loss and, most importantly, restore normal operations on an expedited basis.

  2. Supply Chain Disruptions – COVID outbreaks, bad weather, customer demand, port congestion, trucking, labor and equipment shortages are just some of the factors that have led to supply chain disruptions and price increases for goods, services, energy and other items. While inventory-driven businesses in the manufacturing, distribution, logistics and retail are directly affected, other organizations, such as government agencies, education, not-for-profits, technology, real estate as well as professional and business service firms, are also at risk because they rely on the availability of chip-based computers, network equipment and automobiles, office and maintenance supplies and building materials for capital projects and leasehold improvements. Boards and Senior Management should assess whether they have any exposures and adjust their needs and, if necessary, operations (e.g., chip allocation, reconfigure product assortments, refurbish old equipment to extend useful life, tap other supply sources and use) so they can sustain close-to-normal operations.

  3. Third Party Risk – Often vendors experience financial hardship and customers are the last to know. Smaller vendors, in particular, may not have adequate cash reserves or additional funding sources that are required to invest in their people, facilities, products, services and other assets necessary to maintain their competitive position in the market.. The Board and Senior Management should ensure that all new relationships are properly vetted pre-contract, a comparable level of due diligence is applied to arrangements upon renewal and know that that there are alternate suppliers and workarounds available as a contingency measure.

  4. Performance Management – While most organizations recognize the importance of having a formal strategy/mission and setting goals, many do not have defined performance measures they can use to track progress in meeting their objectives and make midcourse corrections as necessary. Since the pandemic has fundamentally changed the way many organizations operate, Senior Management and the Board should revisit the various outcome, quality, efficiency and effectiveness measures they used to capture and report on pre-pandemic and determine whether other metrics would be more meaningful and relevant. As part of this review, it is also important to evaluate how efficiently the organization’s processes are working, how resources are allocated and staff is deployed, and if there are procedures in place for monitoring day-to-day operations.


  1. Cybersecurity Safeguards and Data Privacy – COVID has accelerated the shift to doing business electronically and enabling employees to work remotely. At the same time, “bad actors” see this environment as fertile ground for engaging in cyber-crimes; insurance carriers are imposing additional requirements on organizations before they provide coverage. In the current environment, Boards and Senior Management should assess their security posture and determine whether they have the proper controls in place to not only protect their assets and information but stay in compliance with applicable security and privacy laws and regulations. Senior Management should discuss with the Board their security policies and practices that encompass desktops, laptops and mobile devices, datacenters, networks and cloud platforms, email, e-commerce and web services, identity and access control mechanisms, data classification and privacy protection, employee awareness training, cyberattack threats, vulnerabilities and incident response.

  2. Transformational Technologies and Digital Disruption – Senior Management should update the Board on Information Technology governance, strategy, investments and adoption. The covered topics should include the current state of their Enterprise Resource Planning, Customer Relationship Management, E-Commerce and Human Capital Management applications as well as the availability, reliability and scalability of their own/cloud/hybrid infrastructure. They might also address their plans for capitalizing on newer technologies and the role they envision for the Internet of Things (e.g., embedding intelligence in devices, vehicles, equipment, buildings, sensors, products), Artificial Intelligence and Data Analytics and more “futuristic” initiatives (e.g., blockchain and cryptocurrency, drones for delivery or visualizing structural conditions, virtual reality for training).

Human Capital and Finance

  1. Workforce Talent Attraction, Retention and Development – The United States is experiencing an unprecedented wave of resignations and turnover continues despite the wind down of enhanced unemployment benefits. Personnel losses are attributed to early retirements, fatigue and burnout, relocations, avoidance of in-office viral infection, changing personal goals and the opportunity to consider new careers. Employees working from home can easily change jobs by mailing in their laptop to their current employer and receiving a new one from a new employer with no face-to-face interaction. Boards and Senior Management should consider adjusting employee compensation to keep pace with inflation and market conditions, developing formal retention and succession strategies, formalizing individual development programs for advancement, deferring terminations to avoid burdening the existing workforce with additional work, revisiting staffing models to allow flexible schedules and seasonal employment and determining which non-core functions could be handled on an outsourced basis. If employees have been isolated from their colleagues, customers, suppliers and other industry contacts and interpersonal and social relationships have eroded, then there may also be a need to rethink the organization’s culture and how to foster personal connectivity, values and trust, improve communication and collaboration, promote diversity, equity and inclusion, give staff a voice in decisions, recognize the achievement of collective goals and link personal contributions and behaviors with the overall strategic vision..

  2. Changing Economic/Inflationary Conditions Affect on Liquidity and Profitability – Senior Management should advise the Board of their liquidity and profitability on a regular basis and any concerning trends they observe that may require corrective action. Scenario-based forecasting can be a powerful tool to show the impact of changes in revenue and expense, especially if these funds are needed to drive operations and/or to pay for new initiatives like capital projects. As part of this analysis, Senior Management should look at the true cost of its goods, services, programs and other initiatives to ascertain whether the current level of spend is appropriate. In addition, the profit margin of categories or individual products and/or services should be considered in case there are opportunities to improve margins by focusing on higher-end items if staffing and supply shortages force you to reduce overall production, offer fewer assortments, curtail hours of operation or services offered, etc. Each organization should have adequate reserves to draw upon (e.g. line of credit).

  3. Revenue Stability and Potential Growth – Whether its customer sales, member registration fees, student tuition, community donations, government reimbursement for running programs or other types of revenue, many organizations have found it difficult to sustain their operations. Boards and Senior Management should revisit their revenue drivers and determine if there are ways to boost revenue from existing sources, broaden their offering, expand their geographic reach to add new revenue streams and possibly adjust their product or service pricing upward if market conditions allow.

Contact Us

If you would like to discuss the specific challenges and risks that your organization may encounter in 2022-2023 and how to avoid being sidetracked so that your goals are achieved, feel free to reach out to:

Mark Bednarz, CISA, CFA

Lawrence Baye, CMC, CISA