Risk management and assessment

 
Risk management and assessment is present in all facets of life and business is not an exception. These tasks are ongoing and if not carried out or carried out incorrectly, an organisation may go out of business. Risk management must be backed by corporate governance and be applied at all levels of the organisation, taking into account risks present in the business environment, in the organisation itself, and in processes and transactions, based on a holistic approach or a more detailed approach. 
 
The risk management and assessment process includes the following stages as part of a recurring cycle:
 

• Identifying risks and establishing their grade as a function of importance and probability.
• Identifying and/or implementing associated controls.
• Evaluating controls with regard to their design and operation (testing).
• Identifying and managing residual risk.
• Ongoing improvement.

 
Our methodology enables us to provide a comprehensive service or a partial service based on different approaches, as follows:
 

• Diagnosing the current risk management and assessment process of the organisation,     including level of institutionalisation and maturity.
• Developing and/or introducing a comprehensive risk management and assessment scheme.
• Evaluating the design of controls.
• Evaluating control operation (recurrent high-stress testing with an internal audit approach).
• Preparing a risk and associated control matrix.