A study conducted this spring by Deloitte and Forbes Insights finds that an astonishing 91 percent of respondents plan to reorganize and re-prioritize risk management over the coming three years.\tPlanned changes included:\t\t\televating the function within the organization (52 percent)\t\t\treorganizing processes (39 percent)\t\t\tproviding additional training for staff (37 percent)\t\t\tincorporating new technology (31 percent)\t\t\tintegrating ERM into strategic planning (28 percent)\tWhy all the turmoil? ERM programs are changing in response to a variety of forces. These stimuli include market volatility, regulatory changes, and even the rise of social media -- which is the fourth-most-commonly cited source of risk in the survey. Overall, the Deloitte study notes that companies have "less tolerance for volatility and less tolerance for surprises" in the wake of ongoing global financial challenges, as articulated by one of the survey participants.\tThe response base comprised three broad industry groupings: life sciences and healthcare, consumer and industrial products, and telecom. Interestingly, when asked about their preferred outcomes of ERM efforts, life sciences companies were more likely to be concerned about compliance with regulatory changes; respondents from the other two industries were more focused on improving revenue growth.\tIn our observation, security pros (and associations and vendors) are prone to shave off their piece of the risk management pie, dubbing their disciplines security risk management, information risk management, and so on. These naming conventions can provide focus, but may also foster the development of functions that are out of sync with broader ERM initiatives.