Risk Control Self Assessment (RCSA) as an accepted component of effective operational risk software is well established, and forms a core part of Optial’s Operational Risk Management software.
Through systematically understanding and recording the objectives of business activity, the risks that could prevent these objectives from being reached, and the controls that will channel activities and energy into the right and relevant direction, a coherent structure for managing the internal control framework is established.
Optial Risk Registers
A systematic approach is the best one for an organisation to take to create and manage a library of risks on both a global level as well as at a local level for the business units. Optial provides pre-configured libraries for this where organisations can add their own risks.
The resultant risk templates will be used to generate the risk assessment checklists, either automatically or on demand, for selected businesses and business units for the manager to use to rate their current performance and identify control inefficiencies and build action plans in Optial to address them.
Optial RCSA Solution
Optial reduces the administrative burden associated with compliance and internal control and, more importantly, provides the infrastructure to obtain real business value. Optial’s flexible object model is ideally suited to supporting this kind of risk management framework including
- Risks
- Controls
- Checklists
As these are an integral part of the Optial solution. Internal Control monitoring can be set up to generate reminder checklists, whether daily, weekly, monthly or quarterly. Risk-based self-assessments can equally be generated either by individual managers, or distributed to key business units by the central risk group.
Impact and probability assessments of risks and controls are part of the standard system; an organisation may wish to use inherent and/or residual and target impact and probability, along with an assessment of the effectiveness of the controls. Standard risks categorisations can be selected to implicitly link items and drive much of the reporting from the Optial system. Explicit links can be created on a one-one ot many-many basis, e.g. linking risks to associated losses, controls, regulations, audit findings, etc.
Automatic scoring allows comparison and benchmarking of results. Risks can be automatically red-flagged on the basis of freely definable combinations of impact, probability, control effectiveness or other dropdown selections, and these can in turn be built into Key Risk Indicators (KRI).
Since Optial can be configured without the need to change code, each institution can choose which parts of the framework are to be employed.
Risk Reporting
Reporting on the results of the risk assessments takes various forms: lists, charts and tables are provided within the standard Optial system, with optional additional reports available from the Optial Business Intelligence browsers.
If you would like further information on Optial Products or services email: request@optial.com or telephone: +44 (0) 207 247 7673.