Examples - When Do You Call Us?
Guiding and facilitating the Board and Management in determining its risk tolerances
Guiding and formalizing each organization's risk appetite based on its unique risk tolerances.
Implementing changes to a system/procedure but unsure if they have any control implications or impact?
Evaluating or implementing system/procedures but unsure whether they have addressed the necessary control and audit requirements?
Internal controls established over time but unsure if they are still needed or achieve their objectives?
Systems/procedures that are ineffective or inefficient?
Unusual/suspicious activities noted but unsure what to make of them or whether they should be highlighted, escalated or investigated?
Improve and optimize the use of limited audit/review resources?
Training Board and Management on risk management concepts and framework.
Developing and documenting policies and procedures that improve governance, risk management, controls, fraud, conflicts of interest, corruption and probity.
Determining if controls and procedures in place are reasonable.
Unsure:
if segregation of duties is adequate within staff functions?
if certain activities are deemed fraudulent and the next steps?
about the impact/consequence and likelihood of a risk?
of the actions required to address a risk?
about what constitutes an acceptable and adequate Risk Management policy and framework?