ISO and COSO haven’t got a clue. You can and should quantify compliance risks

Every organisation is required to comply with laws within the countries it operates in, the legal and regulatory requirements vary between different regions adding to the need to have understanding and confidence in the risk management processes in place. Organisations face considerable uncertainty when making decisions and taking actions that may have significant compliance consequences. The management… Continue reading ISO and COSO haven’t got a clue. You can and should quantify compliance risks

Compliance Risk Management – Risk analysis (part 3)

Step 3. Determine the range of consequences for each scenario In order to quantitatively assess compliance risks the next step involves defining the possible range of values for each consequence scenario. Typical consequences can involve the following factors: Consequence scenario Range of consequences A.     Small fine for violation, for example a fine for three days… Continue reading Compliance Risk Management – Risk analysis (part 3)