RCSA Advisory Services
RiskCounts provides advisory help in designing an efficient and effective Risk Control Self-Assessment (RCSA) program, that allows organizations to conduct their quarterly (or other frequency) risk-control reviews.
Risk Control Self-Assessment (RCSA) is a major, and often mandatory, exercise for businesses to test the Design of internal controls AND the Effectiveness of controls. The goal is to ensure that controls are reducing the inherent risk to the extent that they have been designed for. This goal is summarized in the following diagram that suggests using an A – B = C < D approach to review that the claimed decrease in the Inherent Risk (to the Residual level) is a valid one.
What is the main goal of conducting an RCSA exercise
Key Focus areas of RCSA Advisory Services
Establish and RCSA Program: Help establish a full RCSA program
Offer an Custom Toolkit: Application offered by RiskCounts is described in “Solutions”
Training: Train the business functions or the 1st line of defense, and Risk/Compliance or the 2nd line of Defense, in testing control-effectiveness and setting up detailed control procedures
Roll-Up of RCSA Results: Assist in roll-up of RCSA output to inform key stakeholders (including Business Managers and Risk Management), of the status of controls as well as key issues
Issue Remediation : Advise in the collection and consolidation of all RCSA remediation actions, issue management and prioritization; as required help create appropriate project plans