We believe that where work can be done more effectively and more efficiently by an outsider than an insider; it should be given to the outsider. We provide outsourced Chief Risk Officer (CRO) solutions to selected clients wanting to form a close value-driven relationship. The service offering ranges from a full end-to-end service to almost anything in between.
Our full service solution comprises developing and implementing value-based Enterprise Risk Management and the ongoing execution of the programme in the role of CRO, on a retainer basis. Our solutions are practical, flexible, scalable, and adaptable to suit your organisational requirements.
In an outsourcing relationship we will work with the board, the executives, and the senior management team to develop and maintain the organisation’s ERM programme.
Typically we will:
- Review any existing risk management charters, policies, plans, registers, and other risk management documentation.
- Perform a King III Chapter 4 risk management gap analysis and make recommendations to apply the principles or explain why they are not being applied.
- Develop a Board Risk Charter, a Risk Management Policy, and a Risk Management Plan.
- Define the Risk Universe and the Risk Parameters based on the risk appetite.
- Develop the terms of reference for a Corporate Risk Committee and participate in it.
- Review the existing risk management methodology and define a risk management framework taking into consideration COSO ERM, ISO 31000, and the requirements of the National Treasury Framework (where applicable).
- Review the current risk assessment process and the current risk register.
- Conduct an enterprise-wide risk identification process.
- Prepare and facilitate a risk assessment workshop.
- Facilitate the development of mitigation strategies for the top risks and assign risk owners and implementation timeframes.
- Develop a monitoring and reporting process for the top risks.
- Participate in the ongoing risk management process.