Risk Management

Risk Management related to personnel, processes and IT systems is critical for achieving the company’s main objectives.

Our services include:

  • Risk Management Diagnosis and Implementation:
    • Risk and control diagnosis according to 2013 COSO Internal Control — Integrated Framework, COSO ERM Framework Update Advisory Council and ISO 31000 Standards
    • Operational Risk Diagnosis (alignment to SBS and SMV regulations)
    • Design and Implementation of Comprehensive Risk Management Policies
    • Design and Implementation of Comprehensive Risk Management Manual
  • Outsourcing:
    • Risk Management Outsourcing
    • Comprehensive Risk Management Co-sourcing
  • Training:
    • Risk and Controls Management (COSO 2013, COSO ERM, ISO 31000)
    • Operational Risk Management
  • Formulation of Business Continuity Plans (BCP), including the following stages:
    • Business Impact Analysis (BIA)
    • Application Impact Analysis (AIA)
    • Risk Analysis (RA)
    • Design of Recovery Strategies
  • Development of Governance Framework to organize the Business Continuity Management function
  • Preparation of Crisis Management Plans and a Crisis Communication Plans documenting warning, evaluation, communication and decision mechanisms.
  • Formulation of Disaster Recovery Plans (DRP)
  • Formulation of Exercise Test Plans to assess their effectiveness
  • Definition of mechanisms which help verify the effectiveness of plans, and definition of resources which ensure the disclosure of the program at a company level.