 |
| Compliance Risk Assessment template excel |
Compliance Risk Assessment template in excel free download
A compliance risk assessment is a procedure that identifies the major inherent risks within a business line, factors in any processes and procedures that are practiced by the institution to control and/or mitigate those risks, resulting in a measurement of the residual risk the business line poses to the institution.
Why Prepare a Compliance Risk Assessment?
Proactive, rather than reactive
- To identify areas of significant risk to the bank
- To assess the bank’s likelihood of violating laws and regulations
- To identify areas where controls are needed to mitigate risk
- To evaluate the institution’s level of compliance risk in order to make effective and sound decisions
- To best utilize the limited time and resources allotted to compliance
Compliance Risk Assessment template instructions
Risk scenarios: Enter the main risk scenarios for the legislation being managed in the 'Risk Scenarios' column
INHERENT RISK: Consequence: Using the University's Risk Management: Consequence table (see 'Further info on risk HERE' tab), broadly assess the realistic and reasonable worst-case scenario across the range of consequence categories, using the drop-down box to select the level. Note: this is the consequence ignoring any controls that are in place.
INHERENT RISK: Likelihood: Using the University's
Risk Management: Likelihood table (see 'Further info on risk HERE' tab), broadly assess the realistic and reasonable likelihood/frequency of the consequence being realised ('coming true'), using the drop-down box to select the level. Note: this is the likelihood ignoring any controls that are in place.
INHERENT RISK: Inherent Risk Rating: This cell will be automatically calculated. For context, refer to the the University's Risk Management: Risk Acceptance Criteria table (see 'Further info on risk HERE' tab).
CONTROLS ASSESSMENT: Existing Controls: Summarize what controls already exist at the University in relation to this risk (do not note expected improvements or new controls here).
CONTROLS ASSESSMENT: Controls Rating: Using the the University's Risk Management: Controls assessment table (see 'Further info on risk HERE tab'), assess the efficacy of the current controls.
RESIDUAL RISK: Likelihood: Given the controls listed in the 'Existing Controls' column, what is the realistic and reasonable likelihood/frequency of the consequence being realised (using the drop-down box to select the level).
RESIDUAL RISK: Residual Risk Rating: This cell will be automatically calculated. For context, refer to the University's
Risk Management: Risk Acceptance Criteria table (see 'Further info on risk HERE' tab). Note that there is no consequence selection here as generally the controls put in place will not change the consequences of the risk but will reduce the likelihood of it occurring.
RESIDUAL RISK: Further action?: Given the Residual Risk Rating, further action may be necessary or beneficial. You may know these as 'Treatment Action Plans' from operational risk assessments. When these further actions are completed, they may be moved to the 'Existing Controls' column, which may result in a lower likelihood and possible lower Residual Risk Rating.
Download also:
Post a Comment