Developing risk maps, heat maps and risk rankings based on subjective assessments of the severity of impact of potential future events and their likelihood of occurrence is common practice. These approaches provide an overall picture of the risks, seem simple and understandable to most people, are often the result of a systematic process, and provide a rough profile of the organization’s risks.
Read More
Topics:
Internal Audit,
Risk Assessment
Once a company forms an internal audit function, completes the risk assessment process and develops an internal audit plan that is responsive to the risk assessment, it can initiate individual internal audit assignments.
Read More
Topics:
Internal Audit,
Risk Assessment,
Self-Assessment
Making Your Risk Assessments Count: A Compliance Perspective to Risk Assessment
The traditional approach for assessing compliance risks focuses on the severity of impact and likelihood of occurrences, often on a residual risk basis. This approach often results in a cluster of low likelihood risks with various levels of potential severity and fails to address the potential implications to the enterprise of a breakdown in established policies and procedures. For compliance risks, in lieu of mindless guesswork on probabilities, companies should consider the effects of noncompliance events in terms of the following factors:
Read More
Topics:
Risk Assessment
Making Your Risk Assessments Count: An Operational Perspective to Risk Assessment
Operational assessment is often directed to assessing performance against quality, time, innovation and cost targets to identify gaps in process performance. Significant performance gaps lead to decisions around making appropriate midcourse corrections or analyzing root causes with the objective of determining actionable process improvements to close the gaps. Given this traditional approach to an operational review, the question of the appropriate level of focus arises when evaluating operational risks.
Read More
Topics:
Risk Assessment
Making Your Risk Assessments Count: Consider the Distinguishing Characteristics of Risk
Traditional risk assessment approaches don’t often address the unique risk characteristics most companies face. While using a common analytical framework to evaluate risks with different characteristics may make the assessment process easier to execute, it also may not be as effective as approaches that could provide more insight into how to respond to assessed risks.
Read More
Topics:
Risk Assessment
The internet of things (IoT) is an environment in which “things” – objects, animals or people – are given unique identifiers on the internet and are able to transfer data over a network without the need for human-to-human or human-to-computer interaction. The IoT has evolved from the convergence of wireless technologies, micro-electromechanical systems (MEMS) and the internet.
Read More
Topics:
Risk Assessment,
IT Strategy,
Privacy,
Business Continuity Management
Most, if not all, business transactions executed today touch the information technology (IT) environment at some point in their lifecycle. As organizations plan for the next calendar year, it’s logical to regard the IT risk assessment as a critical component that should be reviewed through the internal audit function.
Read More
Topics:
Laws & Regulations,
Compliance,
Risk Assessment,
Performance Management/Measurement
Copyright pirates, brand impersonators, patent flouters and trade secret thieves are a major threat to businesses, given their increased aggressiveness towards intellectual property (IP) theft. These, and any other original creative works that have economic value and are protected by law, can be categorized as IP.
Read More
Topics:
Enterprise Risk Management,
Risk Assessment,
Strategic Risk,
Data Security,
Performance Management/Measurement,
Intellectual Property
An effective business process is built on a set of well-defined and clearly stated business objectives. These key objectives articulate the ideal performance results that the company expects from that process. To monitor a business process so that it stays focused on reaching the key objectives, the company chooses appropriate performance measures. Careful selection of the performance measures takes a company a long way toward improving a business process. Thus, to build and continually improve an effective business process, a company establishes:
Read More
Topics:
Internal Audit,
Risk Assessment,
Quality Assessment Review,
Performance Management/Measurement
What is Money?
People may say that “money is the root of all evil,” but is it? It may be best to point out that the original quote is better expressed as, “for the love of money is the root of all evil,” which more properly conveys the idea that money is just a thing and not evil itself, but greed and excessive desire for money can be judged morally.
Enough philosophy – let’s get down to brass tacks. Money is useful.
Read More
Topics:
Enterprise Risk Management,
Risk Assessment,
Investments & Foreign Exchange,
Accounting/Finance,
Cash & Treasury,
Performance Management/Measurement