Risk & Audit
Risk is associated with the possibility of unfavourable events occurring within an organisation; audits are methodical assessments of the financial and operational elements; risk management is to recognise and reduce risks; audits guarantee accuracy, compliance, and transparency; auditors offer assurance and suggestions to improve an organisation’s governance and control.
The service includes initiating the project by scoping in a meeting, defining the scope, assessing existing documents, and addressing board requirements. Developing the Risk Management Framework, including policies and tolerances, and creating a Risk Management Plan and Guidelines with a three-step risk calculation process.
Although this service can be tailored to the client’s convenience it can usually be broken down into the following stages.
Stage 1
Involve the scoping of risk management and governance documentation works.
An inception meeting to:
• Specify the scope of work.
• Assess the availability of current risk and corporate governance documents
• Address any other constraints or requirements from the board.
Outcome:
• A clearly defined scope of work and a project timing schedule.
Stage 2
This stage involves:
• Reviewing the current Board and Governance structures, Risk and Compliance Board Committee, their charters, and minutes.
• Conducting a workshop with the Board and Executive to determine risk categories and specific risk tolerances.
• Developing a Risk Management Policy, creating a Risk Appetite and Tolerances Statement.
Stage 3
The focus of this stage shifts to developing a Risk Management Framework followed by subsequent endorsement by the Board.