Compliance Week - Breaking Down the Risk

Compliance Week - Breaking Down the Risk - Breaking Down...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Breaking Down the Risk-Assessment Process Louis M. Thompson June 15, 2010 The Compliance Week 2010 conference provided a series of “conversations” on risk assessment that revealed how far along leading companies have come in implementing that process, and gave some valuable insight into how executives can improve the information that boards of directors need to exercise their risk-management role. To evaluate the overall state of risk-assessment, one must start with how companies have implemented a risk-assessment process. Most focus on the legal and regulatory requirements applicable to their particular industry and regulations from the Sarbanes-Oxley Act. I heard some people in the CW2010 discussion groups refer to the basic process as a “check-the-box” approach once rules and regulations are identified. The evolution of risk assessment has advanced to the point where a significant number of those with the responsibility have the title of chief compliance officer. Most are lawyers and report to the general counsel or chief audit executive, with a dotted line to the board’s audit committee. At the board level, the audit committee chairman receives reports from the company’s compliance officer; the entire board may discuss these, particularly if some areas need additional emphasis. At the next level, more sophisticated companies have combined their assessments of legal and regulatory risks with enterprise risk management. This is a more holistic approach, since identifying risk is a comprehensive assessment of the enterprise itself. Jack Holleran, the senior compliance officer at Marsh & McLennan Cos., identified five categories of risk: compliance and regulatory, strategic, operational, financial, and human capital. Holleran said that the ERM results should align with strategic planning, budget setting, auditing, and other core processes. He also said it takes at least three years for most organizations to achieve full alignment. Marsh Mac instituted a risk-assessment model in 2009 for an enhanced compliance and risk-management
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/30/2012 for the course RISK 5855 taught by Professor Harrinson during the Spring '12 term at Court Reporting Institute of Dallas.

Page1 / 2

Compliance Week - Breaking Down the Risk - Breaking Down...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online