MENLO PARK, Calif., Feb. 14, 2006 -- Risk management may be a higher priority for today's largest companies, but many corporate leaders lack a high degree of confidence in their organization's capabilities in this complex arena, according to the Protiviti U.S. Risk Barometer released today.

Only 38 percent of Fortune 1000 C-level executives surveyed in an independent study believe their companies are "very effective" at identifying and managing all potentially significant risks that could negatively impact business, operational or financial performance. More than half -- 54 percent -- acknowledge there is more they can do to identify, quantify and manage the risks they face.

"The corporate focus on risk management has changed dramatically over the last two years as a result of information technology advances, legal and regulatory issues, and myriad corporate governance reforms such as Sarbanes Oxley. Companies today are scrutinized more by everyone from the individual investor to major bond rating agencies," said Everett Gibbs, managing director for Protiviti. "Large companies, in particular, are more acutely aware than they have ever been of the risks facing their businesses and the serious consequences of not managing them effectively."

According to the study, companies do not have just one predominant risk today -- rather, they face a range of risks. The most significant risks impacting companies relate to information systems and IT security, customer satisfaction, activities of the competition, and legal and regulatory issues.

Faced with the potential negative effects of not addressing these and other risks properly, most companies are taking at least some steps to improve, according to the study. Sixty-five percent of respondents report their companies are planning to make changes to their risk management capabilities during the next two years. These efforts include enhancing their organization's ability to identify potential risks through implementing better technology and hiring more qualified staff.

"In today's rapidly evolving market, visionary companies have learned how to integrate risk management into their strategy-setting and use it not only for better internal control, but to improve business performance and communication among executives and board members," Gibbs noted. "Still, as the results of our U.S. Risk Barometer suggest, in most companies there is a substantial amount of work to be done if they hope to improve and gain more confidence in the effectiveness of their risk management practices. Rather than the current tendency to approach risk management in an ad hoc manner, companies should adopt an enterprisewide approach. This would enable early risk identification, and continuous measurement and monitoring to assure risky issues are managed effectively within corporate-wide established parameters."

Among the key findings of the Protiviti U.S. Risk Barometer:

* Companies are taking more risks but lack a high degree of confidence that they are managing them effectively - A majority of respondents said the overall level of risk their organizations face has changed significantly during the past two years. But only 32 percent of executives believe their companies are very effective at balancing control and protection of the business with entrepreneurial efforts to undertake new sources of growth and increased returns. Moreover, just 38 percent of executives report their organizations are "very effective" at managing their risk, and more than half acknowledge there is more they can do.

* Not enough companies are employing best practices for risk management, which is why most are taking steps to improve their capabilities - Less than half of large companies currently deploy proven risk management practices enterprisewide, including a risk assessment process (38 percent), oversight by a risk management executive committee (38 percent), and common language and uniform standards (39 percent). As a result, 65 percent of companies are planning to implement significant or moderate changes in their risk management efforts over the next two years.

* Customer satisfaction, IT security and the current regulatory environment top the list of most significant risks - Not surprisingly, nearly half of respondents (49 percent) tie business success to client satisfaction, believing potential weaknesses in this area pose a very significant risk. More significantly, executives noted numerous other risks that affect their company's ability to sustain customer satisfaction, such as operating performance, materials procurement, business continuity and fraud matters. Information systems and IT security were seen as potential areas of vulnerability by 45 percent of executives. Forty-three percent consider financial reporting and Sarbanes-Oxley Section 404 compliance to be very significant risks. Other risks viewed by senior executives as significant include technology innovation and threats to brand image.

About the Protiviti U.S. Risk Barometer

The study was commissioned by Protiviti Inc., a leading business and technology risk consulting and internal audit firm. The survey was conducted by an independent research firm and includes responses from more than 75 senior-most executives among the 1,000 largest companies in the United States, specifically CEOs, CFOs and other executives who play a strategic role in their organization's risk management decisions and work directly with the board of directors on these matters.

Protiviti will conduct its U.S. Risk Barometer study periodically to identify and understand ongoing trends in risks and risk management. In addition, the company is undertaking similar Risk Barometer surveys in a number of international markets, including France, Italy and the United Kingdom.

Protiviti recently was named a leader in enterprise risk management and compliance by Forrester Research. "The Forrester Wave(TM): Enterprise Risk Management Consultants, Q4 2005" (October 28, 2005) places Protiviti as one of only four companies in the "leader" category.

To obtain a complimentary copy of the Protiviti U.S. Risk Barometer, visit http://www.protiviti.com or call 888-556-7420.

About Protiviti Inc.

Protiviti is a leading provider of independent risk consulting and internal audit services. The firm helps clients identify, assess and manage operational and technology-related risks encountered in their industries, and assists in the implementation of the processes and controls to enable their continued monitoring. Protiviti also offers a full spectrum of internal audit services to assist management and directors with their internal audit functions, including full outsourcing, co-sourcing, technology and tool implementation, and quality assessment and readiness reviews.

Protiviti, which has more than 45 locations in North America, Europe, Asia and Australia, is a wholly owned subsidiary of Robert Half International Inc. (NYSE symbol: RHI). Founded in 1948, Robert Half International is a member of the S&P 500 index.

Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.