RCaaS – Risk & Compliance as a Service
RiskCounts provides a RCaaS – Risk & Compliance as a Service over cloud, with managed services support. The service entails setting up of risks, controls, control procedures, assessments, issue management, risk appetite, economic capital and management reporting for risk management and governance.
Risk Control Self-Assessment (RCSA) is a major, and often mandatory, exercise by businesses to test the design of internal controls and controls effectiveness; and to ensure that controls are reducing the inherent risk to the extent for which they have been designed.
RiskCounts provides a comprehensive ERM software program with integrated RCSA application, that allows organizations to conduct their quarterly risk-control reviews, with the simplicity and workflow execution. on a single platform. The ERM application also provides an inbuilt issue-tracking and remediation module but can also easily be integrated with other issue and incident management systems that an organization may already be using.
ERM program implementation
-
Risks: Identify, define, and assess inherent Risks risks including credit, market, strategic, and operational risks
-
Gap Analysis and Maturity Assessment: Conduct gap analysis and maturity-assessment against status quo in risks, controls, policies, processes, LOD functionality, and governance
-
Risk Architecture: Establish/review requisit policies and procedures
-
Governance framework: Define a governance framework including required committees and authorities, with – Limits : for transactional market & credit risks – Metrics (KRI & KCI) : for strategic and operational risks – Reviews (Risk-Control Self-Assessment) – What-ifs
-
Scenario Analysis – Extreme values (Economic Capital)
-
Compliance: Cross-check for all legal & regulatory needs and standards, and board, audit, investor and client expectations
-
Reporting: Action oriented reports and dashboards
Risk Dashboard
-
The dashboard views can be customized to client need. A full range of analytics is available . These include: 1. RCSA process 2. bottlenecks 3. key risk issues
-
Control and residual risk ratings, changes, distribution, dispersion
-
New remediation with owner(s), timeline, status, aging
-
Open remediation items with aging, slippages, re-prioritization, rescheduling
-
Trend over a rolling four quarters-basis in RCSAs conducted
-
Provides overall ratings, average outstanding issues for the past RCSA's and issues closed
Additional Functionality
-
Set-up of risks, controls, control procedures and policies
-
Role of an Assessor
-
Finalization of control ratings by risk management / risk manager
-
Issue management & remediation
-
Key elements in each control category are identified as distinct control procedures