The 10 Most Important Things A Company Needs In Its Risk Management Plan
Get Independent Evaluators More Involved
Businesses need to get their independent risk management, performance and compliance functions more involved with the innovation, implementation and use of new technologies, according to Brian Schwartz, U.S. internal audit, compliance and risk management financial services leader at London-based PwC.
These independent assessors sit between the business functions and the audit team, Schwartz said, and can assist by pushing out a framework and approach for identifying key business risks, conducting risk assessments, and reporting on business risks. They should also challenge business leaders who decide to take on a new product or service to ensure that it doesn't elevate the company's overall risk exposure.
The independent evaluators should also be aggregating the risk exposure created by each of the company's business units as well as all of the products and services the company offers, Schwartz said. The independent function is typically prevalent in larger or more regulated companies, Schwartz said, with smaller firms often lacking a framework for identifying and prioritizing key business risks.