Risk Advisory: Building a fit-for-purpose framework
ERM Program Design & Implementation:
- Risks: Identify, define, and assess Inherent Risks including Strategic, Credit, Market, and Operational Risk
- Gap Analysis and Maturity Assessment: Conduct gap analysis and maturity assessment against status quo in risks, controls, policies, processes, LOD functionality, and governance
- Risk Architecture: Establish/review required Policies and Procedures
- Lines of Defense (LOD): Recommend appropriate 3 LOD model for the client, considering all its risks and gaps in status quo
- Governance framework: Define a governance framework including required committees and authorities, with
– Limits: for transactional Market & Credit risks
– Metrics (KPI, KRI & KCI): for Strategic and Operational risks
– Reviews (Risk-Control Self-Assessment)
– What-ifs
- Compliance: Cross-check for Legal & Regulatory needs and standards, and Board, Audit, Investor and Client expectations
- Reporting: Outline a methodology with draft set of action-oriented reports and dashboards
RCSA Advisory: Controls testing and Issue Management
Key Focus areas of RCSA Advisory Services:
- RCSA Program: Help establish a comprehensive RCSA program
- Offer a Custom Toolkit: Application offered by RiskCounts is described in “Solutions”
- Training: Train the business functions or the 1st line of defense, and Risk/Compliance or the 2nd line of Defense, in testing control-effectiveness and setting up appropriate control procedures
- Roll-Up of RCSA Results: Assist in roll-up of RCSA output to inform key stakeholders (including Business Managers and Risk Management) of the status of controls as well as key issues
- Issue Remediation: Advise in the collection and consolidation of all RCSA remediation actions, issue management and prioritization; as required, help create appropriate project plans