Risk Advisory

We assist our Client in implementing ERM framework which includes but not limited to the following:

Policy Level

1. Designing and Establishing Effective Risk Management Practices
2. Facilitating the Development of Risk Appetite and Risk Tolerances
3. Facilitating the Establishment of Risk Management Governance Structure
4. Drafting and Formalising Risk Management Policies and Procedures

Implementation Level

1. Conducting Enterprise Risk Management Workshops
2. Facilitating Risk Identification, Assessment and Evaluation Process
3. Facilitiating the Development of Key Risk Indicators
4. Assisting in Risk Documentation
5. Facilitating the Development of Risk Treatment Plans
6. Facilitating Risk Reporting

Monitoring Level

1. Continuous Assessment on the effectiveness of the ERM Procedures
2. Monitoring the Execution of Risk Treatment Plans

An RCSA program covers the following two significant areas:

1. Risk self-assessment – It is a practice that enables departmental heads and senior managers to analyze various business risks and rank them as “high,” “medium” or “low” based on potential losses and other qualitative measures.
2. Control self-assessment – It is a program that helps departmental heads and senior managers to assess, evaluate and ensure that internal controls, procedures and mechanisms implemented are adequate, functional and conform to top leadership’s recommendations, industry practices, professional standards and regulatory guidelines, to manage risks.

An RCSA initiative generally focuses on the following four types of risk:

1. Operational Risk – Risk arising from an organisation’s internal activities. It is a broad discipline focusing on the risk arising from the people, systems and processes through which the organisation operates.
2. Technology Risk – Risk arising when there is reliance placed by an organisation on Information Technology (IT), whether for the purpose of data processing, data storage, communication and etc. This is relatively a new term due to an increasing awareness that information security is simply one facet of a multitude of risks that are relevant to IT and the real-world processes it supports.
3. Financial Risk – Risk arising due to changes in commodity prices, interest rates and currency exchange rates that affects the variabiliity in cash flows and market value of an organisation and therefore, its financial health and competitive position in product and labor markets. It also include the risk of loss of principal or loss of a financial reward stemming from a borrower’s failure to repay a loan or otherwise meet a contractual obligation.
4. Compliance Risk – Risk arising from adverse regulatory actions when an organisation does not abide by laws and regulations.

Organisations rarely have the necessary resources to implement RCSA and our experience professionals can facilitate the exchange of leading practices and assist you to develop and implement cost-effective RCSA systems.