SlideShare a Scribd company logo

Risk Management Case Study - Applied Concepts

Resolver Inc., profile picture
Resolver Inc.

This document discusses risk management and auditing processes. It emphasizes the importance of planning over plans alone. Key points addressed include linking risks to corporate objectives, ensuring compliance and other risks are captured, assessing control strengths, and having timely and documented response and remediation processes. Continuous improvement is emphasized through regular risk assessment updates, control self-assessments, analyzing incidents, and using findings to support future prevention.

Business
1 of 14
Downloaded 14 times
1
2
3
4
5
6
Most read
7
8
9
10
11
12
Most read
13
14
Most read
Case Study
I have always found that plans are useless, but planning is indispensable. - 34th President of the United States, Dwight D. Eisenhower
Risk & Regulation Audit Improve Policy & Control Response Incident Report Investigate Analyze ImproveMonitor
Risk Management Case Study - Applied Concepts
Each group should consider the inputs and outputs that can help to minimize the impact and/or frequency of risk events
Risk Management Case Study - Applied Concepts
Are the company’s risks linked to the key objectives? Are compliance, regulatory, reputational, etc. risks captured? For the key risks identified, do you feel like the controls are strong enough? If and when things occur, can they be addressed timely and properly recorded? Do remediation efforts align with budget and strategy?
Risk Management Case Study - Applied Concepts
Risk Management Case Study - Applied Concepts
▪ Risks linked to corporate objectives ▪ Risk register includes compliance, IT/InfoSec, physical security, etc. ▪ Audit plan based on key areas of risk ▪ Link transactional data to risks to provid full picture
▪ Map audit findings back to key enterprise risks to enable full transparency and prioritization ▪ Setup key risk indicators that align with enterprise risks (can this be automated?) ▪ Revisit audit plan every 6 months ▪ Push out control self-assessments
▪ Use risk assessment to determine appropriate responsive action ▪ Setup, implement and track SOPs and SLAs (saves, near misses, etc.) ▪ Formalize electronic incident capture, investigation and case management ▪ Root cause analysis ▪ Site audits
▪ Is there a link back to overall strategy? ▪ Is this information available to audit and risk? ▪ Do actions result in risk going down, control strength increasing, etc.? ▪ How does this information help to support possible future prevention or limit impact?
kevin@resolver.com

More Related Content

PPTX
Strategic risk management
Karim Farag
 
PDF
Risk Management Overview
JIGNESH PADIA
 
PPT
Introduction to risk management
Kannan Subbiah
 
PDF
Chap 11.7 Monitor Risks
Anand Bobade
 
PPTX
Strategic Risk Management as a CFO: Getting Risk Management Right
Proformative, Inc.
 
PDF
Risk Management module PowerPoint Presentation Slides
SlideTeam
 
PDF
Risk Management Process And Procedures PowerPoint Presentation Slides
SlideTeam
 
PPT
Chapter 1 risk management (3)
rafeeqameen
 
Strategic risk management
Karim Farag
 
Risk Management Overview
JIGNESH PADIA
 
Introduction to risk management
Kannan Subbiah
 
Chap 11.7 Monitor Risks
Anand Bobade
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Proformative, Inc.
 
Risk Management module PowerPoint Presentation Slides
SlideTeam
 
Risk Management Process And Procedures PowerPoint Presentation Slides
SlideTeam
 
Chapter 1 risk management (3)
rafeeqameen
 

What's hot (20)

PDF
Risk Management Overview Powerpoint Presentation Slides
SlideTeam
 
PDF
How to Build an Enterprise Risk Management Framework
Colleen Beck-Domanico
 
PPTX
Operational Risk Management - A Gateway to managing the risk profile of your...
Eneni Oduwole
 
PDF
Risk Management Procedure And Guidelines PowerPoint Presentation Slides
SlideTeam
 
PPT
Introduction to Risk Management
FAA Safety Team Central Florida
 
PDF
Risk Management Process Steps Powerpoint Presentation Slides
SlideTeam
 
PPTX
Risk management
Aglaia Connect
 
PDF
Risk Overview & Risk management
Subhendu Datta
 
PPT
The importance of risk management in business
r2financial
 
PDF
Enterprise Risk Management PowerPoint Presentation Slides
SlideTeam
 
PPTX
Risk & Risk Management
ansula
 
PPTX
Final presentation internal controls
Rishab Nahata
 
PPTX
Risk management
Harold Malamion
 
PPT
Operational risks
Rahmat Mulyana
 
PDF
Risk Management Outline PowerPoint Presentation Slides
SlideTeam
 
PPTX
Risk management presentation
abpeters82
 
PPTX
Enterprise Risk Management
PYA, P.C.
 
PPTX
Risk Management - A Journey
Debashis Gupta
 
PDF
Risk and Control Self Assessment - IRM India Affiliate
IRM India Affiliate
 
PPT
Risk Management – The Building Blocks
Continuity and Resilience
 
Risk Management Overview Powerpoint Presentation Slides
SlideTeam
 
How to Build an Enterprise Risk Management Framework
Colleen Beck-Domanico
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Eneni Oduwole
 
Risk Management Procedure And Guidelines PowerPoint Presentation Slides
SlideTeam
 
Introduction to Risk Management
FAA Safety Team Central Florida
 
Risk Management Process Steps Powerpoint Presentation Slides
SlideTeam
 
Risk management
Aglaia Connect
 
Risk Overview & Risk management
Subhendu Datta
 
The importance of risk management in business
r2financial
 
Enterprise Risk Management PowerPoint Presentation Slides
SlideTeam
 
Risk & Risk Management
ansula
 
Final presentation internal controls
Rishab Nahata
 
Risk management
Harold Malamion
 
Operational risks
Rahmat Mulyana
 
Risk Management Outline PowerPoint Presentation Slides
SlideTeam
 
Risk management presentation
abpeters82
 
Enterprise Risk Management
PYA, P.C.
 
Risk Management - A Journey
Debashis Gupta
 
Risk and Control Self Assessment - IRM India Affiliate
IRM India Affiliate
 
Risk Management – The Building Blocks
Continuity and Resilience
 
Ad

Similar to Risk Management Case Study - Applied Concepts (20)

PDF
Chapter 3-4.pdf
ChiragJoshi59934
 
PPTX
Strategic risks-and-opportunities-powerpoint-flores
Alo Lacsamana
 
PDF
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)
Keith Darcy
 
PDF
Raleigh issa chapter april meeting - managing a security & privacy governan...
Raleigh ISSA
 
PPT
Risk Courseware Complete courses for Financier
AmritTiwari12
 
PPT
Risk_Courseware.ppt
AyidAlmgati
 
PPTX
2016 - IQPC - Understanding and Assessing Corruption Risk
Dr Darren O'Connell AGIA
 
PDF
GRC Analyst Interview Questions Infosec.pdf
infosec train
 
PDF
Infographic: Maturing Audit Plans and Processes
EMC
 
PDF
WHATs NEW IN RISK ASSESSMENT
Fred Travis
 
PDF
2015 Tackling This Year's Audit Hot Spots
Ron Steinkamp
 
DOC
Pm0016 set-1
Paul Hunt
 
DOC
An introduction to finance
Robert Reed
 
PPTX
Mastering Information Technology Risk Management
Goutama Bachtiar
 
PPT
Risk Assessment For Internal Auditors
minkhollow
 
PPT
How to Create a Risk Profile for Your Organization: 10 Essential Steps
Case IQ
 
PPTX
Assuring Digital Strategic Initiatives by
FirstMutualHoldings
 
PPTX
Operational Resilience for Organizations.pptx
Orlando Trajano
 
PDF
5 steps for better risk assessment
DrMohammedFarid
 
PDF
Capital Markets
AasthaShetty1
 
Chapter 3-4.pdf
ChiragJoshi59934
 
Strategic risks-and-opportunities-powerpoint-flores
Alo Lacsamana
 
WSJ-Compliance Risks What You Don’t Contain Can Hurt You - Deloitte Risk (1)
Keith Darcy
 
Raleigh issa chapter april meeting - managing a security & privacy governan...
Raleigh ISSA
 
Risk Courseware Complete courses for Financier
AmritTiwari12
 
Risk_Courseware.ppt
AyidAlmgati
 
2016 - IQPC - Understanding and Assessing Corruption Risk
Dr Darren O'Connell AGIA
 
GRC Analyst Interview Questions Infosec.pdf
infosec train
 
Infographic: Maturing Audit Plans and Processes
EMC
 
WHATs NEW IN RISK ASSESSMENT
Fred Travis
 
2015 Tackling This Year's Audit Hot Spots
Ron Steinkamp
 
Pm0016 set-1
Paul Hunt
 
An introduction to finance
Robert Reed
 
Mastering Information Technology Risk Management
Goutama Bachtiar
 
Risk Assessment For Internal Auditors
minkhollow
 
How to Create a Risk Profile for Your Organization: 10 Essential Steps
Case IQ
 
Assuring Digital Strategic Initiatives by
FirstMutualHoldings
 
Operational Resilience for Organizations.pptx
Orlando Trajano
 
5 steps for better risk assessment
DrMohammedFarid
 
Capital Markets
AasthaShetty1
 
Ad

More from Resolver Inc. (20)

PDF
How to Prove the Value of Security Investments
Resolver Inc.
 
PDF
ERM Benchmarking Survey Results
Resolver Inc.
 
PPTX
Best Practices and ROI for Risk-based Vulnerability Management
Resolver Inc.
 
PDF
Taking a Data-Driven Approach to Business Continuity
Resolver Inc.
 
PDF
Terrorism in a Corporate Setting
Resolver Inc.
 
PDF
Reporting to the Board on Corporate Compliance
Resolver Inc.
 
PDF
An Intro to Resolver's Compliance Application
Resolver Inc.
 
PDF
Information Security Best Practices: Keeping Your Company's Data Safe
Resolver Inc.
 
PDF
Security Trends: From "Silos" to Integrated Risk Management
Resolver Inc.
 
PDF
Modelling your Business Processes with Resolver Core
Resolver Inc.
 
PDF
How Resolver Uses Resolver
Resolver Inc.
 
PDF
Scammed: Defend Against Social Engineering
Resolver Inc.
 
PDF
A Peek at adidas Group's Integrated Risk & Security Management Strategy
Resolver Inc.
 
PDF
An Intro to Resolver's Resilience Application
Resolver Inc.
 
PDF
Data Driven Risk Assessment
Resolver Inc.
 
PDF
How to Achieve a Fully Integrated Approach to Business Resilience
Resolver Inc.
 
PDF
An Intro to Resolver's Risk Application
Resolver Inc.
 
PDF
Keeping Your Data Clean
Resolver Inc.
 
PDF
Why You Should Prioritize Third Party Risk Management (TPRM) in Today's Marke...
Resolver Inc.
 
PDF
An Intro to Resolver's InfoSec Application (RiskVision)
Resolver Inc.
 
How to Prove the Value of Security Investments
Resolver Inc.
 
ERM Benchmarking Survey Results
Resolver Inc.
 
Best Practices and ROI for Risk-based Vulnerability Management
Resolver Inc.
 
Taking a Data-Driven Approach to Business Continuity
Resolver Inc.
 
Terrorism in a Corporate Setting
Resolver Inc.
 
Reporting to the Board on Corporate Compliance
Resolver Inc.
 
An Intro to Resolver's Compliance Application
Resolver Inc.
 
Information Security Best Practices: Keeping Your Company's Data Safe
Resolver Inc.
 
Security Trends: From "Silos" to Integrated Risk Management
Resolver Inc.
 
Modelling your Business Processes with Resolver Core
Resolver Inc.
 
How Resolver Uses Resolver
Resolver Inc.
 
Scammed: Defend Against Social Engineering
Resolver Inc.
 
A Peek at adidas Group's Integrated Risk & Security Management Strategy
Resolver Inc.
 
An Intro to Resolver's Resilience Application
Resolver Inc.
 
Data Driven Risk Assessment
Resolver Inc.
 
How to Achieve a Fully Integrated Approach to Business Resilience
Resolver Inc.
 
An Intro to Resolver's Risk Application
Resolver Inc.
 
Keeping Your Data Clean
Resolver Inc.
 
Why You Should Prioritize Third Party Risk Management (TPRM) in Today's Marke...
Resolver Inc.
 
An Intro to Resolver's InfoSec Application (RiskVision)
Resolver Inc.
 

Recently uploaded (20)

PPTX
HR Introduction Slide (1).pptx on hr intro
suhanidwivedi227
 
PDF
WRN_Investor_Presentation_August 2025.pdf
cmagee4
 
PPTX
Dragon_Fruit_Cultivation_in Nepal ppt.pptx
UmeshTimilsina1
 
PDF
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
PDF
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
PDF
Business model innovation report 2022.pdf
pradvapal
 
PPT
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
PDF
How to Get Funding for Your Trucking Business
Jake Thornhill
 
PDF
Training And Development of Employee .pdf
nivethavm864
 
DOCX
Euro SEO Services 1st 3 General Updates.docx
AmirNazir49
 
PPTX
New Microsoft PowerPoint Presentation - Copy.pptx
itsmesumedh96
 
PPTX
AI-assistance in Knowledge Collection and Curation supporting Safe and Sustai...
Barry Hardy
 
DOCX
unit 1 COST ACCOUNTING AND COST SHEET
MANJU N
 
PPTX
Belch_12e_PPT_Ch18_Accessible_university.pptx
Haitham327103
 
PDF
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
PPTX
The Marketing Journey - Tracey Phillips - Marketing Matters 7-2025.pptx
shannonzipoy2
 
PDF
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
PDF
BsN 7th Sem Course GridNNNNNNNN CCN.pdf
ZAMANYousufzai1
 
PPTX
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
PDF
Types of control:Qualitative vs Quantitative
reshmaaslm06
 
HR Introduction Slide (1).pptx on hr intro
suhanidwivedi227
 
WRN_Investor_Presentation_August 2025.pdf
cmagee4
 
Dragon_Fruit_Cultivation_in Nepal ppt.pptx
UmeshTimilsina1
 
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
Business model innovation report 2022.pdf
pradvapal
 
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
How to Get Funding for Your Trucking Business
Jake Thornhill
 
Training And Development of Employee .pdf
nivethavm864
 
Euro SEO Services 1st 3 General Updates.docx
AmirNazir49
 
New Microsoft PowerPoint Presentation - Copy.pptx
itsmesumedh96
 
AI-assistance in Knowledge Collection and Curation supporting Safe and Sustai...
Barry Hardy
 
unit 1 COST ACCOUNTING AND COST SHEET
MANJU N
 
Belch_12e_PPT_Ch18_Accessible_university.pptx
Haitham327103
 
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
The Marketing Journey - Tracey Phillips - Marketing Matters 7-2025.pptx
shannonzipoy2
 
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
BsN 7th Sem Course GridNNNNNNNN CCN.pdf
ZAMANYousufzai1
 
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
Types of control:Qualitative vs Quantitative
reshmaaslm06
 

Risk Management Case Study - Applied Concepts

  • 2. I have always found that plans are useless, but planning is indispensable. - 34th President of the United States, Dwight D. Eisenhower
  • 5. Each group should consider the inputs and outputs that can help to minimize the impact and/or frequency of risk events
  • 7. Are the company’s risks linked to the key objectives? Are compliance, regulatory, reputational, etc. risks captured? For the key risks identified, do you feel like the controls are strong enough? If and when things occur, can they be addressed timely and properly recorded? Do remediation efforts align with budget and strategy?
  • 10. ▪ Risks linked to corporate objectives ▪ Risk register includes compliance, IT/InfoSec, physical security, etc. ▪ Audit plan based on key areas of risk ▪ Link transactional data to risks to provid full picture
  • 11. ▪ Map audit findings back to key enterprise risks to enable full transparency and prioritization ▪ Setup key risk indicators that align with enterprise risks (can this be automated?) ▪ Revisit audit plan every 6 months ▪ Push out control self-assessments
  • 12. ▪ Use risk assessment to determine appropriate responsive action ▪ Setup, implement and track SOPs and SLAs (saves, near misses, etc.) ▪ Formalize electronic incident capture, investigation and case management ▪ Root cause analysis ▪ Site audits
  • 13. ▪ Is there a link back to overall strategy? ▪ Is this information available to audit and risk? ▪ Do actions result in risk going down, control strength increasing, etc.? ▪ How does this information help to support possible future prevention or limit impact?