Risk Consulting

Organisations face a multitude of risk, control and compliance challenges. Governance, Risk and Compliance (GRC) is a framework that addresses these challenges with an integrated and coherent approach. I help assess, define and implement GRC processes that are appropriate for the organisation's maturity level. 

Managing risks is one of the top priorities in any organisation. Enterprise Risk Management (ERM) enables an organisation to better understand its top risks and how to prioritise them for strategic advantage. I help organisations define and prioritise their enterprise risks, and connect them to operational processes and risks. 

At operational level, the number of risks can be in the hundreds or more. Many organisations struggle to identify these risks, and to define and test the required internal controls. I help identify, assess and prioritise operational risks and controls through a series of structured risk workshops and validations. 

As the pace of digitisation of business operations has increased significantly in recent years, managing digital fraud has become a major challenge for organisations. I work with solution providers to implement anti-fraud solutions for digital and payment industries, such as electronic payment providers and e-commerce.

Fraud usually occurs when risks are not mitigated and/or controls are circumvented over a period of time. Fraud does not occur in isolation. I help define key risk indicators or early warnings to detect fraud. In addition, I assist you in updating your processes and policies to embed controls to reduce the risk of fraud. 

Understanding an organisation's current state is a critical step in  identifying areas for improvement, for instance, when it is undergoing significant changes, or it has encountered fraud, control or regulatory issues. I help assess the current state, identify gaps to agreed standards, develop remediation plan and follow-ups.