With organisations in all sectors placing a greater emphasis on risk management, the need for a robust risk management framework has never been clearer. Undertaking a periodic review to assess the effectiveness of an organisation’s risk management framework is necessary to ensure that the framework meets the needs of the organisation and also satisfies regulatory expectations.
Our in-house team of experts can assist with an independent review of your organisation’s risk management framework. While the scope of each review is different, below is a sample scope of a risk management framework review.
A ‘desktop review’ of existing documentation including relevant policies, the risk management framework, risk appetite statement and other relevant documents. Our team will also review a sample of historical reports to the management team, relevant committee(s) and / or the board of directors.
A ‘desktop review’ of the risk register ensures the collation of risk information across the organisation is in line with the risk management framework. Our team will also assess the quality of the information included in the risk register – this includes the wording of risks and controls, the logic of the risk scoring, etc.
Our team will discuss the existing risk management framework with the key members of the organisation to assess their understanding of the framework and how embedded it really is in the organisation.
The final part of the scope of work typically includes and report which details the findings and recommendations on how to address each finding. The report is usually accompanied with the presentation to the senior management team and/or board of directors.