CRSA: Compliance Risk Self Assessment

Home Products & Services Governance Risk Compliance NormageoS CRSA: Compliance Risk Self Assessment

CRSA: Compliance Risk Self Assessment

The regulatory complexity that characterizes the current landscape must be brought within a perimeter of analytical investigation that usually involves not only the compliance office, but also a number of different subjects responsible for the application of specific requirements.

 

In order to facilitate the assessment of these requirements, NG provides a real “methodological framework” that facilitates users in carrying out “Compliance Risk Self Assessment” (hereinafter: CRSA).

 

With CRSA the compliance office can make use of a tool characterized by great ease of use, high configurability, native predisposition to the documentation of the evaluation sessions.

 

The definition of the levels of inherent and residual risk derives from a prior mapping procedure between business processes, organizational structure, regulatory compliance (see §-1.3) and controls.

These activities can be parameterized according to the scales defined in the company policy. Each session can be performed through a workflow that allows the involvement of all responsible users by virtue of their competence.

 

At the end of the evaluations, the system provides structured reporting of the session outcomes, offering overviews that can be “navigated” according to a “drill-down” logic.