There are of course existing risk and compliance system solutions on the market, with varying degrees of functionality, cost and ability to meet your firms’ requirements. However, when it comes to looking at the minimum you need from a risk and compliance database, we think the following will always be required:
Your Risk and Compliance system needs to be able configured to the structure and hierarchy of how you manage risk in your firm, including:
- Being able to utilise your firms risk rating methodology and terminology
- Ability to upload relevant documents and attachments to the database, and also download any of the information from the database
- Enabling individual Flexible dashboard showing the risk and compliance data relevant to that user’s role
- Flexible reporting functionality to report on any of the Risk and Compliance data
The database needs to not only be easy and quick to implement and update, but simple and intuitive for all users, without the need to lengthy training sessions and manuals.
Not only must the system be secure to prevent your firms’ risk and control data externally, but also internally it needs suitable role based user access that controls the users capability to view and edit only information appropriate for them.
The risk and compliance system needs to be one that provides the functionality to improve the efficiency of your risk and compliance management activities and save your firm time, resource, and therefore money.
It needs to be priced sensibly to make it accessible to as many users within a firm as possible.
5. Converge your data
The risk and compliance needs to bring together all your risk and compliance data:
- In one common structure
- Using one common methodology
- Converging relevant information e.g. risk events and deficiencies linked to the relevant control, informing the control effectiveness and residual risk
- Enable you to keep the data up to date easily.
6. Regulatory Compliance Rule mapping
It is essential for effective and complete compliance management that the database enables mapping of reg rules to controls and provides the transparent view of risk management and control mitigation against each regulatory rule.
One of the greatest benefits of a risk and compliance database should be to provide up to date, real time reporting – quickly and easily- suitable for all recipients and users- from every day risk management to risk committee packs.
8. Audit trail
Your risk and compliance system needs a full audit trail to record what actions have been taken, when, by whom and why.
At 1RS we understand what all firms need from a risk and compliance database and these are the fundamentals on which we have designed and built ERIC- the 1RS Enterprise Risk and Compliance database.
ERIC is the cost effective, flexible, easy to use, secure database that will meet the needs of any firm’s risk and compliance management, whatever your size.
For more information on ERIC, contact 1RS.