No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Creating a Coordinated Approach to Assurance

by Abbott Martin
May 10, 2017
in Compliance, Featured
two groups of people converging

4 Key Components

The number of distinct assurance functions has nearly doubled over the last 10 years, but only 10 percent of assurance leaders believe that their company’s risk management functions are currently integrated. Unfortunately, despite investments in these functions, the lack of integration leaves general counsel and compliance officers feeling no more confident in managing risks today than they have in the past.

Assurance functions are on the rise. With continued proliferation in global regulations and increased public scrutiny of corporate behavior, companies have made significant investments in assurance programs (e.g., compliance, information security, quality) and control systems. These investments are made to identify and manage the operational, compliance and reputational risks that affect an enterprise’s financial results and brand value.

Unfortunately, despite these investments, legal and other assurance executives like compliance officers and information technology executives feel no more capable of managing risks today than they did 10 years ago. This can largely be traced to the fact that the process of managing risk is complex, and there are often assurance mandates and requirements that overlap between teams. This overlap leads to boards that lack visibility into corporate risks, business leaders who are more risk averse and employees who struggle to get work done while navigating compliance requirements.

So what’s the answer? For most companies, it’s coordinated assurance.

A common definition of coordinated assurance is organizing and aligning assurance processes across functional boundaries to maximize operating efficiency while 1) managing risk and governance within company’s risk appetite and 2) providing holistic visibility and assurance to the board, regulators and customers.[1] Done well, the system accomplishes the goals of corporate assurance – providing assurance, visibility and intelligence – while limiting the direct and indirect costs of doing so.

Those unfamiliar with coordinated assurance may struggle to see how it works in practice or understand what good looks like. To help, we’ve identified four key components that define successful coordinated assurance.

Component 1: Integrated Risk Management Framework — Coordinated assurance requires a common understanding of the company’s risk universe, risk ratings, rules for oversight ownership and guidelines for when new risks are added to the framework.

Component 2: Shared Work and Information — Rather than buying or creating new systems and surveys to manage risks, leading companies use existing datasets to obtain that intelligence. Sharing risk information from these datasets across teams helps all assurance functions understand the risk environment and supports mutual conclusions about risk and resource allocation. Taking it one step further, assurance functions can coordinate a schedule of on-site reviews and use each other’s work to avoid duplicating efforts.

Component 3: Activity and Control Rationalization — Coordinated assurance requires processes for reducing duplicative activities. This includes collecting only vital risk information and avoiding repetition of questionnaires and assessments. If two teams must collect the same information, they should ensure the data definitions and metrics of separate surveys are consistent and business leaders do not receive multiple requests at one time.

Component 4: Coordinate Risk Reporting — Assurance partners should coordinate when they deliver risk reports to management and the board and ensure that the reports tell a cohesive story. Reporting timing should also support corporate decision-making and annual planning cycles whenever possible.

Getting Started with Coordinated Assurance

Coordinated assurance isn’t easy, and to do it right takes effort – in fact, only 10 percent of assurance leaders believe their company’s risk management functions are integrated – but it’s not impossible. To get started, assurance leaders should work on three things.

  1. Establishing Goals and Structure — Coordinated assurance requires clear goals, structure and commitment. Each part of the team needs to agree on project scope and objective, and one person must be appointed to lead the integrated effort.
  2. Building Processes and Trust Across Assurance Functions — Each assurance function has specific concerns and needs that they can’t (or won’t be willing to) easily sacrifice to create a more streamlined corporate process. The functions need to work together to create a set of governing rules that makes everyone comfortable that their concerns won’t be neglected while working toward better coordination and alignment.
  3. Creating a Roadmap — Once goals, structure and trust have been built, the real work of coordination can begin. By sharing activity schedules, calendars and risk reporting dates, assurance partners can begin to identify where gaps, duplication and natural alignment exist.

Current assurance silos create overlapping mandates and internal bureaucracy while making it difficult to develop a holistic picture of risk. Not only does a coordinated approach to assurance make it easier to get that view, but it also helps reduce the total cost of risk management and support achievement of long-term objectives.

[1] Adapted from King Report on Governance for South Africa, african.ipapercms.dk/IOD/KINGIII/kingiiicode.


Previous Post

Resilient: Alex Dimitrief on Divesting, Investing and Innovating

Next Post

Turn GDPR Compliance into Lemonade

Abbott Martin

Abbott Martin

Abbott Martin is a research leader for compliance, legal and data privacy at CEB, now part of Gartner. He has worked with leading corporations to research and improve compliance and ethics program performance with a focus on risk management, training and communication and corporate culture.  Abbott holds a BA in Economics from Johns Hopkins University.

Related Posts

boris johnson resigns as UK prime minister

Report: Most Countries Failing to Stop Corruption

by Staff and Wire Reports
February 2, 2023

Denmark remained the least corrupt country in the world for the fifth year running, according to the recently released Transparency...

exec fired

44% of Companies Say They’ve Disciplined Execs for Ethics Breaches

by Staff and Wire Reports
February 2, 2023

More than two-fifths of companies (44%) say they have fired or disciplined senior leadership for unethical conduct in the past...

clausematch ai

Clausematch Releases Knowledge Graph to Drive Digitization of Regulation With AI

by Corporate Compliance Insights
February 2, 2023

Global RegTech provider Clausematch has released its digital knowledge graph in open source, allowing regulators and financial service companies to...

logicgate_climbchannel

LogicGate Hopes to Expand RiskCloud’s EMEA Reach

by Corporate Compliance Insights
February 2, 2023

Risk and compliance provider LogicGate is expanding its international presence thanks to a new partnership with Climb Channel Solutions, a...

Next Post
lemons and lemonade on picnic table

Turn GDPR Compliance into Lemonade

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT