An organization should identify and understand key events that may prevent it from (risk) or assist in (opportunities) achieving its objectives.
Principles
> Understand key internal & external events
> Understand correlations and patterns
> Assign accountability for monitoring event occurrence
> Identify key triggers for re-engaging the planning process
Business Objectives
-
To ensure timely identification of all significant events presenting either risk or opportunity to the entity
-
To ensure that the entity identifies and responds to legal mandates and risks
-
To ensure that the entity identifies all applicable risks
Considerations
-
Consider the entity's compliance history when identifying potential events
-
Consider industry trends when identifying potential events
-
Personnel with compliance responsibilities should participate in this task
Critical Success Factors
-
A cross-functional team, including key senior executives, to ensure that all relevant internal and external events are identified
-
Involvement of risk management experts or resources in conjunction with the team