We also asked respondents to provide their assessment of the overall level of their organization’s risk management maturity using a scale that ranges from “very immature” to “robust.” We found that the level of sophistication of underlying risk management processes still remains fairly immature for most responding to our survey. When asked to describe the level of maturity of their organization’s approach to risk oversight, we found that 19% described their organization’s level of functioning ERM processes as “very immature” and an additional 23% described their risk oversight as “developing.” So, on a combined basis 42% self-describe the sophistication of their risk oversight as immature to developing (this is even slightly lower than the 45% reported in our 2013 study). Only 4% responded that their organization’s risk oversight was “robust,” consistent with responses noted in all five of our prior reports.