Risk Management related to personnel, processes and IT systems is critical for achieving the company’s main objectives.
Our services include:
- Risk Management Diagnosis and Implementation:
  - Risk and control diagnosis according to 2013 COSO Internal Control — Integrated Framework, COSO ERM Framework Update Advisory Council and ISO 31000 Standards
  - Operational Risk Diagnosis (alignment to SBS and SMV regulations)
  - Design and Implementation of Comprehensive Risk Management Policies
  - Design and Implementation of Comprehensive Risk Management Manual
- Risk Management Outsourcing
- Comprehensive Risk Management Co-sourcing
- Risk and Controls Management (COSO 2013, COSO ERM, ISO 31000)
- Operational Risk Management
- Formulation of Business Continuity Plans (BCP), including the following stages:
  - Business Impact Analysis (BIA)
  - Application Impact Analysis (AIA)
  - Risk Analysis (RA)
  - Design of Recovery Strategies
- Development of Governance Framework to organize the Business Continuity Management function
- Preparation of Crisis Management Plans and Crisis Communication Plans documenting warning, evaluation, communication and decision mechanisms.
- Formulation of Disaster Recovery Plans (DRP)
- Formulation of Exercise Test Plans to assess their effectiveness
- Definition of mechanisms which help verify the effectiveness of plans, and definition of resources which ensure the disclosure of the program at a company level.