Enterprise Risk Management
|
Ensuring Ongoing Cost-Effective Compliance
A risk is still a risk, whether it is identified in Sarbanes-Oxley Compliance, Basel II, Revenue Management, Business Continuity Management,
or health and safety audits. If risks identified during any type of compliance audit are stored in spreadsheets or separate tools,
then the best case situation is that there is duplication of effort in recording business risks in two places, and the worst case situation is
that the risk management across each of the corporate risk registers becomes out of step and subsequently inaccurate.
Consequently to ensure enterprise risks are most effectively managed, each regulation / compliance / risk-based initiative should form a
specific subset of all the risks managed by a business, under the umbrella of an overall risk management strategy. Unsurprisingly, this is
also the view taken by vendors such as Methodware who have been providing clients with established enterprise risk management tools for years.
By using one Enterprise Risk Management tool to drive the Risk Management and mitigation activities across all the various initiatives, the
amount of redundancy and duplication can be reduced and the subsequent risk of error reduced with it.
SECOR can assist in all stages of Enterprise Risk Management, from the initial risk identification and catalogue and subsequent control
identification, through to the definition and implementation of an appropriate risk management framework and supporting Enterprise Risk Management tool.
|
