Compliance Risk Assessments: An Introduction

  1. Copyright Page

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    Compliance Risk Assessments—An Introduction is published and updated by the Society of Corporate Compliance and Ethics®, Minneapolis, MN...

  2. Dedication

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    To my supportive husband, Norman;...

  3. Chapter 1. The Compliance Environment

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    If you are reading this book, two possibilities exist. First, you are having difficulty falling asleep and thought that a book on compliance risk assessments certainly could make your weary eyes close. Second, this week you were approached by your CEO who informed you that you are now responsible for completing a compliance risk assessment for the organization and will be presenting on this process to the board of directors in two months...

  4. Chapter 2. A Risk Assessment and Risk Management Primer

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    Before you begin your risk initiative, let’s define some terms. Some people want to use “risk assessment” and “risk management” interchangeably; but they are in fact different. In short, you assess your risks so you can more effectively address those risks. A risk assessment includes the processes of identifying, analyzing, and evaluating the severity of risks. Performing these steps helps determine the best way to address those risks: to monitor, minimize, or mitigate their impact. Assessing and addressing risks together form the foundations of risk management...

  5. Chapter 3. Step One: Defining Your Compliance Risk Universe

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    Step one—the basics. When you decide to do some baking today, is your goal to bake a wedding cake or a vanilla sheet cake, or is the extent of your skills limiting you to a store-bought, ready-mix brownie delight? It is the same kind of question that you would ask regarding a compliance initiative...

  6. Chapter 4. Step Two: Determining Likelihood of Occurrence

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    Two compliance risk factors are typically used to determine the risk level of a compliance issue—likelihood of occurrence and impact of occurrence. It is with these two factors that you will be able to turn your risk universe list into a risk universe matrix—a graphical representation of risks that can help prioritize your risk mitigation efforts...

  7. Chapter 5. Step Three: Determining Impact of Occurrence

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    Two main risk factors must be quantified to determine the risk level of a compliance issue—likelihood of occurrence and impact of occurrence...

  8. Chapter 6. Step Four: Conducting the Compliance Risk Assessment Survey

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    Remember the cake baking exercise? Well, at this point, you have identified what cake you want to bake (Step 1: Defining Your Compliance Risk Universe) and you have identified what ingredients are going to be part of the batter (Step 2: Determining Likelihood of Occurrence and Step 3: Determining Impact of Occurrence), so, you must be ready to actually bake the cake, right? Sorry—you are close, but are not ready yet to even turn on the oven. In order to develop your risk universe matrix, you need to assess your company’s status with each of the laws and regulations in...

  9. Chapter 7. Step Five: Compiling Results and Constructing a Compliance Universe Matrix

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    Congratulations! You have persevered and proven that the naysayers who said this compliance initiative would never gain the support and buy-in necessary to make it work were wrong. You have tuned out the employees who did not want to take the time to complete the compliance risk assessment survey. You even survived the IT data collection disasters that surely happened. So, what are your next steps?...

  10. Chapter 8. Step Six: Implementing a Compliance Risk Mitigation Plan—Monitoring, Reassessing, and Modifying

    Compliance Risk Assessments - An Introduction  | Author: Judith Spain  | February 2020 

    At this point in your compliance risk assessment program, you have completed the following:...