Conducting a strategic risk review of the organisation identifies threats and opportunities and provides a framework for performance improvement.
The audit takes a 360˚ view of the organisation, identifying threats and vulnerability and assessing the current risk management strategy. It investigates 20 separate risk categories and rates them to reflect the current level of protection and preparedness. The categories are:
- Physical security
- Resources and portable property
- Information storage and retrieval
- Intellectual property & reputation
- Crime prevention
- Accident prevention
- Fire prevention
- Quality Management standards
- Staff recruitment, training, development & retention
- Business continuity & disaster recovery planning
- Succession planning
- Product/service life cycle planning
- New product research & development
- Market planning & development
- Customer experience
- Supply chain management
- People performance management
- Financial performance management
- ERM systems
iRMA - the intelligent Risk Management Audit - collects data on all the relevant aspects of the current situation and distils them into a report which provides the basis for an action plan.
The iRMA action plan presents the results in the following format:
- Immediate priorities – code red
- Medium- term issues – code orange
- Long-term issues – code yellow
In each area iRMA lists and qualifies every issue against benchmark standards which describe best practice and applies a financial value measurement. These benchmarking assessments are made by the client, during the review process.
This allows the organisation’s leadership team to calculate the potential cost reductions and profit improvements that could accrue from each change in policy.