Risk Management (based on ISO31000)

Risk management under ISO31000 provides an informed point for generic risk assessments to confirm the current controls for mitigating risks and consequences. The risk process spans horizontally from Inherent to Residual to Target Risks, whilst having depth that accounts for the consequences and controls associated with each risk. You decide how much of the risk process should be dealt with, making it manageable as well as understandable for staff. This process  allows a staged approach to be taken, adding more aspects later. The risk process leads to a series of fields that become populated and in turn reflected in KnowRisk®. Staff will become familiar with these fields according to the role they play in the process and become more knowledgeable about risk management through applying the process in their work.

Read More

Compliance is a form of operational risk that evaluates your conformance with rules and regulations that are imposed by governments across many types of work disciplines, such as human resource management, safety, tax laws and the like. These add to the cost of running the Company where there is no option or variance allowed.

The risk of breaching rules and regulations is measured using risk criteria and helps the Company understand where managing rules and regulations vary according to the severity of the fees and penalties that you may be obliged to pay.

Read More

The Controls Self-Assessment Method, also referred to as Controls Self Assurance (CSA), is a form of internal review of controls that is conducted by your company. It is proving to be a good approach in supplementing internal audit and compliance programs with the front-line risk reduction efforts.

The ownership of risks and controls starts with the business unit managers and their staff. They are required to identify their risks using the risk management processes that have been described earlier.

Read More

Managing Project Risks is an area of strong opportunity to make use of ERM, delivering Projects with an increased level of performance and working towards more maturity where projects are ranked and the best ones be invested in.

The CorProfit approach is to align Managing Project Risks with the ISO31000 Risk Process; just using the traditional Project Management approach is insufficient.

Read More

Contract Management is the management of contracts made with customers, vendors, partners, or employees. The personnel involved in contract administration are required to negotiate, support and manage effective contracts which includes negotiating the terms and conditions in contracts and ensuring compliance with the terms and conditions, as well as documenting and agreeing on any changes or amendments that may arise during its implementation or execution.

CorProfit assists you to have the ideal solution to align Contract Management to ERM since ERM strengthens potential weaknesses in contracts to your advantage.

Read More

Internal audit is a long-standing discipline. The primary focus is on evaluating whether the control environment of your company is at the correct level.

CorProfit assists you with risk-based auditing as it shows which risks are the highest and therefore where Internal Audit efforts should be focused.

Given the flexible nature of the KnowRisk® software, you can adapt and adjust the module over time to cater to your needs in the future, without having to call CorProfit to perform any specific customisation.

Read More

Risk Management is an evolving business practise and is now reaching a level of maturity where ERM (Enterprise Risk Management) is becoming more defined.

CorProfit brings thought leadership and field-experience where your corporate Risk Framework document is established to have a range of Risk Management Programs integrated according to the processes and methodologies each employs.  This is taken a step further to integrate under one software platform, KnowRisk®.

Read More