A risk assessment is key to developing your organisation’s risk profile and a starting point of an effective programme. Your risk profile is an evaluation that identifies the unique risks your organisation may face given its industry, geography and employee population. A periodic, comprehensive risk assessment will help regularly identify potential criminal, reputational and ethical risks.

Want to see the seven other steps of an effective compliance programme? Sign up here.

Use the chart below as a self-assessment to see how you are currently evaluating your risks.

  • Green: We have the best practices in place with a robust process
  • Yellow: We are in the process of developing a robust process
  • Red: We do not have a process in place or know how to implement one

If your responses fell mostly in the green column, you have the right processes in place to get an accurate picture of your risks. If most of your responses fell in the yellow or red category, review the resources below to get a better idea of where your risks may be. 

Resource: Risk Assessment Framework

Use this framework to walk through the steps of a risk assessment process including the identification, assessment, mitigation, and ongoing monitoring and reporting of these risks

Resource: Sample Risk Assessment Ranking & Reporting Process

Once you’ve identified the risks, it helps to map them out and prioritise them. Use this tool to create a heat map to prioritise your highest risk areas.

See the how a risk assessment fits into your overall compliance programme by joining the 8 Steps of an Effective Compliance Programme content series today.