Risk management should be proactively implemented, rather than driven by events. That is the advice of Tichaon Zororo, director of EGIT and keynote speaker at the ITWeb Governance, Risk and Compliance (GRC) conference.

Industry experts believe that reactive measures - such as responding to the results of an audit or following an incident - is not an effective means of enterprise risk management, as it won't mitigate future risks and typically leaves companies playing catch up.

Jayson O'Reily, director of sales and innovation at DRS believes that reactive risk management "puts organisations on the back foot and makes it look like IT departments are cost centres and not value centres".

He adds that opting for proven methods is the better option, as these will help to deliver better results and cost savings.

"At a recent global risk management event I attended, experts in the risk management field were able to show an increase of 25 per cent on an organisation's share price through the implementation of a risk management process across their business," he explains.

It's also important to remember that a strong approach to risk management isn't just reliant on technical savvy - good judgement and common sense are also essential.

During the GRC conference, Mr Zororo also pointed out that a culture of risk awareness is a major part of successful execution of a company's strategy.

Mr O'Reily also believes that too many organisations practice risk management in a bits-and-pieces fashion, rather than taking a holistic approach. He says this leads to a high level of politics in the decision-making process, and means that finding a stakeholder who has overall responsibility can be difficult.

This echoes recent remarks from, risk management expert Paul Moore, who emphasised the importance of a company's culture in risk management processes. Using his experience in a previous role at HBOS as an example, he said that too many regulations and processes could be too much to deal with.

"You can have the best governance processes in the world, but if they are carried out in a culture of greed, unethical behaviour and indisposition to challenge, they will fail," he warned.