Are you sure you are complying with all the current regulations that affect you? Are you confident that your information systems adequately control your organization’s critical information? Can you be relatively sure that your organization is not subject to fraud? Does it have a truly independent internal audit area that impartially and objectively reviews the performance of operational processes? Is the board aware of the main risks facing the organization? Are critical decisions made taking into account the organization’s risk appetite?
Risk management and internal controls are fundamental to efficient organizational management, since they make it possible to actively minimize errors and deviations from what is planned and so achieve the objectives set. Our methodology is based on the ERM (Enterprise Risk Management) model issued by COSO, on COSO III, and on ISO 31000 (risk management). Essentially, our approach seeks to ensure that all elements of an organization (objectives, risks, controls, systems, monitoring) are properly integrated with each other and operate under international standards.
We support organizations that decide to manage their risk through the following services:
- Design of the risk management model;
- Determination of risk appetite and risk policies;
- Risk matrix and determination of critical risks;
- Measurement of the effectiveness of controls;
- Diagnostics of internal controls based on COSO;
- Procurement audits;
- Monitoring systems and indicators;
- Implementation of the compliance model.