Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)

COSO I COSO II

MEYCOR COSO AG - A Comprehensive Solution

Meycor COSO AG Assessment Module Audit Module

MEYCOR COSO AG Meycor COSO AG includes several activities to be assigned to the parties involved in the Risk Management process and a methodology project to provide a step-by-step guide.

MEYCOR COSO AG Fully customizable to meet the organization's needs and corporate culture.

The Organization Easily define the organizational structure and its related processes, managing web communications.

Using a fully customizable self-assessment you can get a quick diagnosis of how the current Risk Environment and Controls are perceived. You can quickly identify the items that need to be addressed in order to focus resources. Fully understand your organization's attitude towards risk and how the entity's personnel handles and reacts to risks.

You can define several Objectives for each process, classifying and assigning them importance ratings. Strategic objectives can be traced to the highest organizational level. You can even define a different risk threshold for each objective. Enterprise Risk Management ensures that Senior Management has a process in place to establish objectives and that the objectives thus selected contribute to the entity's mission.

with the collaboration of all the areas involved. Events are identified with the collaboration of all the areas involved. Meycor COSO AG includes a sample event database for common processes. Internal and external events that affect the entity's objectives must be identified and classified as Risks or Opportunities.

likelihood of occurrence You can estimate their likelihood of occurrence and consequences. Risks are analyzed considering their likelihood and impact in order to determine how they should be managed.

It is also possible to perform a quantitative loss analysis by identifying the value of the affected assets.

An exposure index is set and compared against the acceptable level set by the organization.

Senior Management selects the possible answers (avoid, accept, minimize or share), developing actions to align the risks with the maximum acceptable risk and the entity's tolerance to risks.

several treatment options You can simulate several treatment options

It is also possible to review risks that combined could seriously compromise the achievement of the objectives.

You can specify mitigation control activities for each risk and assess their effectiveness (being even possible to audit them later on). If the processes' activities are analyzed, the control activities can be linked directly to risks. Policies and procedures are set and executed to ensure that the risk response is performed effectively.

Risk Maps and Reports are published All relevant information is identified, captured and communicated timely and accurately in order to enable the staff to take on full accountability. An effective communication needs feasible channels throughout the entity. Risk Maps and Reports are published in such way that each area must take responsibility for their risks.

Each area is accountable Banking Credit Cards Mortgages Current Accounts Each area is accountable for their own risks General Map w/Controls

Using the web module you can access all the documents and check whether they were read, understood and agreed on.

You can generate reports in RTF, HTML and XLS formats as well as several charts including specific information.

The Audit team can access the risk information in a read-only format in order to define the Audit Projects. Enterprise Risk Management is thus entirely monitored, being possible to make timely changes when appropriate. This monitoring can be easily performed either through Senior Management activities or independent assessments.

The Audit Module allows you to use Audit Guidelines to perform the review process and to report findings.

With Meycor COSO AG you can define and manage Action Plans to improve controls.

Meycor KP – Event Module Record Loss Events Meycor KP – Event Module Legal OS for Operational Risk Management Registration Generate the control documents necessary to report to Senior Management, to the Operational Risk Committee, and to any areas involved. Transfers Collection SR Withdrawals Measure/ Assess Customer Service KRI IT Risk Unit Meycor Delphos

Different areas can report loss events to identify possible changes to the risk assessment.

automatically from the You can define KRI (Key Risk Indicators) that can be populated automatically from the Events Module.

For further information: Request a free assessment of your organization's Risk Management Maturity Level to datasec@datasec-soft.com