Chapter 5. Risk Assessment

Chapter 5. Risk Assessment

Risk assessments must be dynamic and ongoing: dynamic, to address the changing risks of the organization, and ongoing, to continually review and prioritize the risks of the organization. Conducting a risk assessment when you first start your program assists you in understanding the cultural variables related to risk, such as how tolerant the organization is to take on more risk and whether there is management accountability to resolve or mitigate risk. Risk assessments help identify priority risk areas to target when building the compliance program’s education, auditing, monitoring, and communication plans. This is an essential process for launching an effective compliance program.

A baseline compliance risk assessment forms the foundation of a new compliance program. The dynamic nature of an organization and its risk portfolio requires an ongoing look at priority risks to keep the program aware of real, potential, and emerging risk areas that need to be monitored and addressed.

This document is only available to subscribers. Please log in or purchase access.