Effective governance ensures success
Success Assurance - GRC
HomeEnterprise Risk ManagementProject or Change GovernanceCorporate GovernanceInternal Audit

Adapting Risk Management to deliver Success Assurance

Risk Management fails when it is not fully understood or valued. Reasons for this include:

 

  • The risk management process not being integrated into corporate decision making
  • Lack of infrastructure to promote a consistent and thorough risk management process
  • A lack of understanding of what a control or mitigation is
  • Transparency in the ownership for the control environment
  • Ineffective risk reporting processes
  • Ambiguity in the design of the risk appetite statements.

 


Over the course of 30 years we have developed a highly customised approach to address these weaknesses and develop what we call Success Assurance.

There are a number of underlying themes which guide our approach.  These include:

 

  • Setting measurable risk appetites and tolerances which aid decision making
  • Developing and delivering bespoke training programmes to as many employees as possible to increase the organisations risk management capability
  • Facilitating operational, tactical and strategic risk assessments to identify key risks, common threats and to develop robust mitigations to comply with the organisations risk appetite
  • Re-engineering systems and processes as required to minimise redundancy and maximise synergy
  • Working with Internal Audit and other assurance providers to deliver positive assurance through the development of risk metrics and dash-board reporting.

 

Our preferred methodology is to work closely with an in-house team to transfer as much knowledge and know-how as possible. This builds our clients risk management capability and ensures governance processes can continue to evolve after our engagement ends. Each of our subsequent interventions are designed to embed risk management and increase risk management maturity.

We apply our Success Assurance methodology on all assignments with the scope varying, depending on the level of the organisations risk management capability. We have successfully applied this approach to organisations as diverse as Governments through to utilities and multi billion euro private businesses.  

If you would like to discuss how we might be able to help you please emaill John at john@moodysriskmanagement.com.