Presentation is loading. Please wait.

Presentation is loading. Please wait.

RISK ASSESSMENTS. WHY PERFORM A RISK ASSESSMENT  Fulfills Requirements  Empowers management to make informed strategic decisions  Identifies areas.

Published byCorey Gyles Merritt Modified over 8 years ago

Similar presentations

Presentation on theme: "RISK ASSESSMENTS. WHY PERFORM A RISK ASSESSMENT  Fulfills Requirements  Empowers management to make informed strategic decisions  Identifies areas."— Presentation transcript:

1 RISK ASSESSMENTS

2 WHY PERFORM A RISK ASSESSMENT

3  Fulfills Requirements  Empowers management to make informed strategic decisions  Identifies areas where controls are needed BENEFITS

4 REQUIRED RISK ASSESSMENTS

5  Can be required for almost any major area of credit union operations  The following are specifically mentioned in regulation or guidance:  BSA  OFAC  Customer/Member Identification Program  IT/Information Security  ID Theft Red Flag  Vendor Management  Disaster Recovery/Business Continuity  Online Banking (multi-factor authentication)  Remote Deposit Capture REQUIRED RISK ASSESSMENTS

6 MAKING INFORMED DECISIONS

7  Risk can never be entirely eliminated. Management must determine appetite for risk  Using risk assessments will help credit unions continue to provide meaningful products and services to members while including necessary safeguards  Common risks for small credit unions  Snakes  Silos  Sinkholes MAKING INFORMED DECISIONS

8 Risk assessments help you identify unintended consequences SNAKES

9 Risk assessments help you determine vulnerabilities created when one person has control over vital systems or has all the expertise/knowledge in the credit union SILOS

10 SINKHOLES Risk assessment help you prepare for the unexpected

11 OUTCOME OF A RISK ASSESSMENT

12  Reject the plan  Accept the plan  Accept the plan and minimize risk with controls OUTCOME OF A RISK ASSESSMENT

13 PERFORMING A RISK ASSESSMENT

14  Uncomplicated process for an uncomplicated institution  Risks are probably already well known  Control measures are probably already in place or easy to implement  Follow an easy four step process:  Identify risk/risk area  Determine the overall degree of risk  Identify areas of concern  Decide on precautions (controls) BASIC RULES

15  What areas of an operation are vulnerable or what could go wrong?  Use risk assessment guidance  Ask others  Past experiences IDENTIFY THE RISK AREA

16  How likely is it that a specific area could cause problems?  How likely is it that a specific event could come to pass? EVALUATE THE DEGREE OF RISK

17  Zero risk?  What/who might be harmed and why?  For each risk, be clear about who/what might be harmed; it will help identify the best way of managing the risk. IDENTIFY AREAS OF CONCERN

18  “Reasonable and practicable”  “SMART” controls DECIDE ON CONTROLS

19  Systems  Monitoring  Accountability  Response  Training “SMART” CONTROLS

20 FINAL THOUGHTS

21  Record your findings and implement them  Develop procedures  Review your risk assessment and update if necessary FINAL THOUGHTS

Download ppt "RISK ASSESSMENTS. WHY PERFORM A RISK ASSESSMENT  Fulfills Requirements  Empowers management to make informed strategic decisions  Identifies areas."

Similar presentations

Dr Anne Raynal Senior Medical Inspector HSE March 2007

Dr Anne Raynal Senior Medical Inspector HSE March 2007
Securing Engagement in Risk Management Mark Scrivener Corporate Risk Manager 16 th October 2013.

Securing Engagement in Risk Management Mark Scrivener Corporate Risk Manager 16 th October 2013.
RISK ANALYSIS.  Almost all of the things that we do involve risk of some kind, but it can sometimes be challenging to identify risk, let alone to prepare.

RISK ANALYSIS.  Almost all of the things that we do involve risk of some kind, but it can sometimes be challenging to identify risk, let alone to prepare.
Red Flag Rules: What they are? & What you need to do

Red Flag Rules: What they are? & What you need to do
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
TMS-RA04-A-01-02Page 1 of 20 The Risk Assessment Process.

TMS-RA04-A-01-02Page 1 of 20 The Risk Assessment Process.
Are You Ready? Identity fraud and identity management are quickly becoming critical operational concerns for the financial industry. The Red Flags Guidelines.

Are You Ready? Identity fraud and identity management are quickly becoming critical operational concerns for the financial industry. The Red Flags Guidelines.
Risk Analysis & Management. Phases Initial Risk Assessment Risk Analysis Risk Management and Mitigation.

Risk Analysis & Management. Phases Initial Risk Assessment Risk Analysis Risk Management and Mitigation.
WORKING ON WORK PLANS. Supervisory Committee Work Plans “The better the planning, the better the result!” Work plans provide an organized, systematic.

WORKING ON WORK PLANS. Supervisory Committee Work Plans “The better the planning, the better the result!” Work plans provide an organized, systematic.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
© 2000 International Risk Control America, Inc. Risk Management Presentation — 1 International Risk Control America IRCA www.irca.ws.

© 2000 International Risk Control America, Inc. Risk Management Presentation — 1 International Risk Control America IRCA
Risk Management Chapter 7.

Risk Management Chapter 7.
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
Risk Assessment Frameworks

Risk Assessment Frameworks
2 3 The WHS Plan should include:  Budget  Available resources  Responsibilities  Roles  Goals aimed at improving performance  Timelines when policies.

2 3 The WHS Plan should include:  Budget  Available resources  Responsibilities  Roles  Goals aimed at improving performance  Timelines when policies.
Personal Integrity Excellence Service Before Self RelationshipsJoy Safety Always Foundation: Our Core Values.

Personal Integrity Excellence Service Before Self RelationshipsJoy Safety Always Foundation: Our Core Values.
Control environment and control activities. Day II Session III and IV.

Control environment and control activities. Day II Session III and IV.
Chapter 4 Internal Controls McGraw-Hill/Irwin

Chapter 4 Internal Controls McGraw-Hill/Irwin
Hazards Identification & Risk Assessment (HIRA) and On-site & Off-site Emergency management Plans Dr. R. Dubey - DMI.

Hazards Identification & Risk Assessment (HIRA) and On-site & Off-site Emergency management Plans Dr. R. Dubey - DMI.
1 CHCOHS312A Follow safety procedures for direct care work.

1 CHCOHS312A Follow safety procedures for direct care work.

Similar presentations

Ads by Google