European Union - Reform of the audit market: Proposal for a regulation on the quality of audits of public-interest entities and proposal for a directive to enhance the single market for statutory audits (November 2011) resource Agency Guidances OCEG Reviewed
Brussels, 30 November 2011 - The 2008 financial crisis highlighted considerable shortcomings in the European audit system. Audits of some large financial institutions just before, during and since the crisis resulted in 'clean' audit reports despite the serious intrinsic weaknesses in the financial health of the institutions concerned.
From Corporate Board Member: Real Scenarios for Real Performance in Risk Oversight blog
Technology change, competitor action, cyber attacks, supply chain disruption, regulatory change, product blunders and executive departures – the risks to business performance are unceasing in a dynamic environment. Yet, in the need for performance lies the seed of improved risk management.
IMF, Making Banks Safer: Can Volcker and Vickers Do It? (2011) resource White Papers OCEG Reviewed
Summary: This paper assesses proposals to redefine the scope of activities of systemically important financial institutions. Alongside reform of prudential regulation and oversight, these have been offered as solutions to the too-important-to-fail problem.
IFAC, Global Survey on Risk Management and Internal Control (PAIB Committee, 2011) resource Research / Studies OCEG Reviewed
The PAIB Committee's survey on risk management and internal control received over 600 responses from around the globe. This information paper provides an analysis of the survey results and summarizes respondents' recommendations for the next steps in this area.
2011 Aon Global Risk Management Survey resource Research / Studies OCEG Reviewed
Summary: Conducted in 10 languages in Q4 2010, this biennial report represents 960 organizations from 58 countries in all regions of the world. The third of its kind, the report aims to help risk managers stay abreast of emerging issues and learn how their industry and regional peers are managing risks and capturing opportunities.
Free registration required.
Operational Risk Management – Key Shifts Required to Rise to the Challenge blog
By Brian Barnier, OCEG Fellow
Operational Risk & Regulation Magazine resource Books / Publications OCEG Reviewed
A monthly magazine published by Incisive Financial Publishing Limited and posted at Risk.net.
SAS Enterprise GRC
SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation.
Some distinctive features include: Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits). Facilitates collaboration between various GRC teams, which is difficult when the GRC components are in multiple systems. Reduces the cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization on other parts of the organization.
- IT.01 - Audit and Assurance Management
- IT.03 - Brand and Reputation Management
- IT.05 - Compliance Management
- IT.07 - Control Activity, Monitoring, and Assurance
- IT.12 - Finance/Treasury Risk Management
- IT.13 - Fraud and Corruption Detection, Prevention & Mgmt
- IT.16 - Information/IT Risk & Security
- IT.19 - Issue and Investigations Management
- IT.22 - Policy Mgmt, Communication & Training
- IT.24 - Quality Management and Monitoring
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.27 - Strategy, Performance, and Business Intelligence
- A1. Identification
- D1. Detective Actions & Controls
- I1. Info Management
- M1. Context Monitoring
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- A2. Analysis
- D2. Notification
- M2. Performance Monitoring
- R2. Internal Investigation
- A3. Planning
- D3. Inquiry
- I3. Technology
- P3. Policies
- R4. Crisis Response
- P7. Risk Financing
ISO 26000 – Social responsibility resource Standards and Guidelines OCEG Reviewed
The International Standards Organization (ISO) website on ISO 26000:2010 Guidance on social responsibility. This site contains a project overview, summary of the standard, resources and FAQs. ISO 26000 was finalized in 2010.
