Before we delve deep into understanding banking industry risks under various categories let us look at what world-wide regulators prescribe as norms to be followed We all know that Banks play a crucial and important role in the national and global economy. Banks on the one hand bring in deposits from individuals, corporates and other…
Author: sujatha
High level overview of IT risks
This is a huge and on going topic – fundamentally because of the rapid innovations that are happening in the technology space. The word “information technology” as we understand today (to name a few) encompasses hardware resources, networks, operating systems, virtualization, software engineering, business applications, artificial intelligence (AI), robotics, cloud computing, etc. New and innovative…
Foundation for internal control
Getting on top of access and authorization risks. The most important and basic foundation to be laid for internal controls starts with assessing who are the persons who have authorization to do business transactions and what kind of responsibilities and reach they have within the organization. Very often we find that people are given too…
On fraudulent behavior and scams
Corrupt staff and insiders helping fraudsters … Accepting fraudulent behaviour and corruption as a way of life is one of the worst degradations of personal and societal ethics and norms. It not only plunges the concerned nation, organization, individual engaged in both giving and receiving illegal gratification (either in the form of cash or kind…
Identify and define ‘risks’
OK .. so you have a structure by way of risk categories and sub categories, but now getting down to the task of identifying individual risk events that could occur and needs monitoring is another major step. Let us break it into two parts – identification and acceptance by stakeholders for monitoring, and, defining and…
“Sub-categorization” of risks does help
Now that you have got an idea of how to categorize your risk groups, let us see if ‘sub categorization’ makes for any benefits. Major categories such as General Accounting or Procurement or Information Systems is too generic, but good for top level grouping and reporting. However, many organizations operate differently and we need to…
Risk “categorization”
Before you “spot your risks” in different areas of business areas or operations, you need to structure your thoughts so that you may identify different risk categories that are relevant, important and critical for your tracking. You might wonder why categorization? – Can I just not go about having a list of top 10 or…
Internal Controls – its importance
There are many definitions of internal control, and I give below one of them retrieved from Business Dictionary website. (Read more: //www.businessdictionary.com/definition/internal-control.html ) “Systematic measures (such as reviews, checks and balances, methods and procedures) instituted by an organization to (1) conduct its business in an orderly and efficient manner, (2) safeguard its assets and resources,…
Why should you at all care about risks?
The word risk connotes events that are uncertain, unpredictable, beyond the sphere of one’s control. As found in the ISO/IEC Guide 73, risk is the combination of the probability of an event occurring and its consequences. For example the probability of loss of business due to competition or loss of an asset that affects business…