Operational Risk Software


Qualitative Risk Assessment Methodology

Tuesday, April 6th, 2010

Inherent Risk Controls Residual Risk

Overview

Risk Assessment is very important because it gives the organization an objective measure for differentiating between low risks and high risks. Risk Identification is an important step, but often we end up with hundreds of risks and no clear way of determining which ones are most important. The Risk Assessment methodology below describes how easy2comply meets these challenges.

Easy2comply also offers the ability to perform a quantitative assessment of the risk as well as a Scorecard / Questionnaire approach. These are not dealt with in this methodology paper.

The qualitative methodology is divided into three components:

  1. Inherent Risk
  2. Controls
  3. Residual Risk

The combination of the Inherent Risk value together with the Controls generates a Residual Risk level.

Basel II – Operational Risk webinar

Sunday, November 22nd, 2009

Easy2comply held its third Basel II – Operational Risk webinar, which focused on building effective Risk Management frameworks that can be implemented with smaller budgets and smaller departments.

Many questions were asked and I would like to focus on a few of them as they raise some interesting ideas for all of us.

A risk manager from the United States wanted to know about the overlap between Operational Risk and Sarbanes-Oxley. Whilst this blog won’t go into a lot of detail about the similarities and differences, the point that I made was around Controls coverage.

The SOX program covers all of the controls surrounding the Financial Reporting process, as well as the information flows into the end financials. The analysis on these controls is incredibly rich and deep, from identification, assessment, and all the way through to testing.

In contrast, Operational Risk covers a much broader set of controls across the organization; however, the analysis on these controls is generally a lot shallower. Quite often it is sufficient to record that the controls exist and that they work.

These different approaches are both supported by the easy2comply SOX and Operational Risk software.