Connecting the dots (in this case, the risks).
What was missing back then was the business intelligence engine to bring it all together.
Roll forward to 2016 and there are even more dots to connect. Over the last 5 years we have seen our clients rapidly build and deploy the following additional web-based forms to capture, workflow and report on risk related information pertaining to:
- Supplier due diligence
- Conflicts of interest
- Internal audit findings
- Compliance breaches
- Business continuity plans and tests
- Conflicts of interest
- New products evaluation
- Ex gratia payments
- Policy management
Apart from making the capture and dissemination of this information more efficient, we can then aggregate the data captured in these forms into a metric and connect it to the relevant risk:
Fraud: Number or dollar value committed during the month - connect to external fraud events.
Supplier Due Diligence: Dollar value of contracts executed, number of conflicts reported, contracts up for renewal in the next 90 days - connect to procurement risk.
Internal Audit Findings: Complaints, ex gratia payments – all entries can be connected to the relevant risk they relate to.
BCP plans and tests: Failed tests, plans outstanding – connected to hardware, software, infrastructure failures. And so on.
By connecting this information to their associated risks, the first line has a better picture of the risks they are assessing.
The second line can more easily challenge first line assessments.
The third line is now armed with more relevant information to support a risk-based approach to audits. Risk Committees have information that allows them to independently form an opinion on the top risks presented to them.
Risk in Motion dashboard - Protecht.ERM.
I love the application of technology to supporting and improving processes in business. Protecht.ERM makes the above a reality through its flexible form builder and integrated business intelligence engine. To see how we connect the dots click HERE.
You might be interested in the article Risk Velocity, the third dimension of Risk.
Is Risk and Compliance part of your role?
If you missed the free webinar, you can watch the recording here:
Would you like to speak to us about how you can optimise your compliance function and capability? please email firstname.lastname@example.org.