ICA Diploma: Risk Management in Governance, Risk & Compliance
Added on 2022/12/29
AI Summary
This assignment solution delves into the critical aspects of risk management within the framework of governance and compliance. It addresses the evolving role of the compliance function, emphasizing the importance of aligning internal policies with external regulations. The solution outlines a comprehensive risk management process, highlighting the significance of risk identification, evaluation, prioritization, and mitigation planning. It also critiques current approaches to recruitment, vetting, and training of senior staff, advocating for improved practices to support a strong compliance and risk culture. Furthermore, the assignment offers recommendations for the recruitment of an interim head of compliance and risk, stressing the need for a proactive and strategic approach to GRC that integrates risk management into the organization's culture and decision-making processes.

RUNNING HEAD: - Risk Management 0
Risk Management
Module Number

Table of Contents
Answer to question no-1
The development of the role of compliance function over the last decade
Answer to question no-2
A Risk Management Process
Answer to question no-3
Current approach to recruitment, vetting and training of senior staff in key roles at EveryFirm International (EI) is not acceptable
Answer to question no-4
Letter illustrating role of recruitment, vetting and training activities in supporting compliance and risk culture
Introduction
Role of recruitment, vetting and training activities in supporting compliance
Training and qualifications good practice
The culture of an organization
Recommendations regarding the recruitment of the interim head of compliance and risk
Conclusion
Bibliography

Answer to question no-1
The development of the role of compliance function over the last decade
The corporate governance program helps to strengthen the legal compliance program and to meet the rules and regulations applicable to the business. The significance of effective governance, risk management and compliance (GRC) is generally well recognized, but there are large differences in how, and how far, it needs to be managed. By using an effective governance program, a company can easily mitigate the uncertain risks of the business. Multiple functions and departments within a business organization may handle day-to-day GRC operations, but overall it is very important that the board owns and drives the GRC strategy. Creating the correct environment for mitigating risk, optimizing performance and protecting the brand of the company starts from the top. It provides the basis for developing the right GRC culture in the organization, which allows each member of the organization to understand the role that he or she has to play in company-wide compliance, to act with integrity and to embody the values of the organization.1 In order to succeed, the business organization should be capable of anticipating potential risks and remaining protective, while taking account of the internal and external environment. In GRC operations, the compliance officer needs to spot the uncertain issues and risks faced by the organization in order to support its overall objectives and goals. In this regard, the development that has taken place in the role of compliance can be described as follows:
1 Maphanga, Godrey Cyprian and Osden Jokonya, "The Risk Of Users’ Negative Behaviours Influence On Information Security Compliance Policy In Organizations" (2017) 7(4) Risk Governance and Control: Financial Markets and Institutions
Compliance with internal policies and external regulations: It is fair to claim that organizations cannot be too compliant, but they always face the risk of breaching internal rules or policies, and they face potentially dire consequences as a result of a breach of external regulations. A compliance failure may not be willful; it can be the result of a lack of awareness and understanding among employees.2 For this reason, there is no excuse for inadequate communication and training among employees. There is a need for robust operational management and governance. That said, it is also significant that an exclusively reactive approach to compliance and regulation should not be adopted by corporations. The strong identity of a corporation depends on the long-term vision and strategy of the company, which is highlighted by a culture of compliance and integrity. However, to achieve this in practice, risk areas must be actively identified and managed on a regular basis.3 This helps to mitigate business risk and to strengthen overall outcomes over time.4
Sometimes compliance is considered a necessary activity, but one that takes the attention of the board away from revenue-generating activities and the growth of the company. It is true that GRC underpins such activities. If top-level management is not actively involved in protecting the business, the brand and the assets of the company against risk, the company is exposed to exactly the factors that may obstruct its growth. On the other hand, strategic GRC is always capable of supporting the brand of the company by creating credibility among regulators and policymakers as well as customers and investors.
2 Hooghiemstra, Reggy and Hans van Ees, "Uniformity As Response To Soft Law: Evidence From Compliance And Non-Compliance With The Dutch Corporate Governance Code" (2011) 5(4) Regulation & Governance
3 Roy, Amitava, "Corporate Governance Compliance, Governance Structures, And Firm Performance" [2017] SSRN Electronic Journal
4 "The Board Management Nexus in Corporate Governance", in SSRN Electronic Journal, 2010.

It is generally said that "forewarned is forearmed", and this is also true of risk management. Organizations that look ahead are capable of analyzing the environment, understanding the various links present in their supply chains and being ready for what may happen. The senior leadership of the organization sets the tone around risk; managing risk is as much concerned with performance as it is with preservation. In order to focus on the main performance indicators that are significant, the board should first identify the major risks and understand how these risks are going to affect the objectives and priorities of the company. In addition, a proper action plan and a strengthened internal control system would be useful in improving the outcomes of the projects undertaken.
Effective risk management is a result of effective risk planning. In the current interconnected world, it becomes significant to understand the dependencies among organizations, which do not exist simply within the four walls of the company but extend to other parties such as partners and suppliers.5 Therefore non-compliance in one area of the business may create a risk for others, such as finance and IT.6 Ultimately, such a situation may damage the trust of customers and the reputation of the brand. For this reason, compliance should not be confined to the compliance function; it should cover the organization horizontally as well as vertically and needs to be seen as a priority of top management. This shows that an effective compliance program helps the organization to strengthen its corporate governance and to mitigate compliance issues in the process. Therefore, the compliance officer needs to strengthen the control system program in order to mitigate uncertain risk and lower the risk associated with the processes undertaken.
5 Babayants, Eleonora, "Information – Governance, Risk, Compliance" (2018) 6(3) Pharmacy & Pharmacology International Journal
6 Weaver, R. Kent, "Compliance Regimes And Barriers To Behavioral Change" (2013) 27(2) Governance

Answer to question no-2
A Risk Management Process
Risk management involves a process for managing the uncertain factors and risks associated with the work undertaken, and that process needs to be carried out systematically, continuously and from an early stage in order to strengthen overall outcomes. Risk management should therefore be achieved at various levels in the organization. It helps to strengthen overall outcomes and to mitigate uncertain risks. It starts from enterprise risk management and also covers project risk management. The basic process phases are concerned with risk management and with simple tools for managing risks in the case of international business.7 This can be done by extending the scope of operations and by using the tools that are appropriate to the situation.8 Definitions of the risk management process generally include six phases: identifying risks, evaluating risks, prioritizing risks, planning activities for the mitigation or avoidance of risks, implementing actions and following up on their status. Risk management relies heavily on the internal control system, which supports identifying risks and managing them through supporting actions.
7 A Loste, "EXECUTIVE SUMMARY: SCENARIOS, REAL OPTIONS AND INTEGRATED RISK MANAGEMENT", in Long Range Planning, vol. 36, 2017, 12.
8 P Wagner & B Barkley, Global program management, New York, McGraw-Hill, 2010.
In the first phase of this process, the identification of risks is the most significant step. It is not possible to manage a risk without first identifying it. Risk identification cannot be described as a one-time action. The process needs to be undertaken regularly and should involve a large number of employees. The identification of risk should also be a normal part of routine meetings. Employees should be motivated to identify and raise risks. The more risks are discussed, the more people in the organization become aware of the risks present and the better placed they are to identify new risks. At this stage, information-gathering techniques such as interviews, brainstorming and expert evaluations, as well as analysis tools such as root cause analysis, SWOT or various diagramming techniques, may also prove helpful.9 This risk management process helps to strengthen the work process and to set up the internal control system so that issues and problems are identified on the spot and the risk management program is developed.
The next stage is the evaluation of the risks identified. In this context, the definition of risk may include the components of probability and impact. When evaluating risks, both components should be analyzed. As the environment changes, the impact and probability of a risk also change; this activity should therefore be undertaken regularly. Various assessment or simulation tools are available for making this evaluation, and interviews or expert evaluation also prove helpful. After the evaluation, the next step is to prioritize the risks. This is necessary in order to allocate resources to dealing with the more significant risks. One significant tool for prioritizing risk is the risk matrix, as it combines the probability and the impact of a risk.
After these steps, the most significant risks will be obvious, and a mitigation plan is then needed. The mitigation plan will be effective if it states who owns the risk, the actions to be taken, the persons responsible and the schedule for implementing the actions. The plan should be discussed regularly in meetings and the results should be monitored. If the actions taken under the plan do not prove as effective as required, further actions need to be defined.10
9 Humphreys, Edward, "Information Security Management Standards: Compliance, Governance
And Risk Management" (2008) 13(4) Information Security Technical Report
10 Humphress, Rick Douglas, "Turning Up The Heat: Governance, Risk, And Compliance
Technology And Performance Fraud" [2010] SSRN Electronic Journal

In an ideal situation, the risk is going to be decreased or eliminated, and it can therefore be removed from the list of most significant risks after the actions have been implemented. In order to implement the different phases of the risk management process successfully, the organization should also create a risk management culture, which helps managers, employees and other stakeholders to become aware of the significance of risk management, particularly for the organization and the projects it undertakes. When risk management has become part of the working culture of the organization, the organization becomes stronger against risks and their effects.11 It can therefore be inferred that risk management starts with identifying and evaluating the risks associated with uncertain factors, together with the procedural internal control system that the organization uses to mitigate these risks. This helps to strengthen overall outcomes and assists in accomplishing the set objectives and goals. It also shows the role of a proper internal control program in mitigating the risk associated with the process.
11 Weaver, R. Kent, "Compliance Regimes And Barriers To Behavioral Change" (2013) 27(2)
Governance

Answer to question no- 3
Current approach to recruitment, vetting and training of senior staff in key roles at
EveryFirm International (EI) is not acceptable.
It is clear that human resource (HR) compliance is necessary for the success of an
organization, and it should present the legal environment to be complied with so that possible
compliance issues related to recruitment and selection can be avoided. However, achieving
and maintaining compliance can be a difficult goal for organizations that fail to recognize
the challenges related to this process and to develop efficient strategies for dealing with
them. HR compliance needs to be considered as the process of defining individual as well as
group behaviors, making certain that the applicable policies and laws of the organization are
followed in a proper manner. It is also necessary that the HR function should hire and retain
persons who have knowledge of HR-specific laws and are also capable of coming up with
procedures and policies related to this legislation. Simply writing down the procedures and
policies and placing them in a repository is not sufficient. After they have been established,
they need to be communicated effectively across all the departments of the organization.12
The HR department is more involved in complying with the legal terms and the compliance
program for the hiring process, which strengthens the overall outcomes of the process. For
instance, the preparation of the contract and of the employment terms and conditions for the
employees is set by the organization. This is most likely to take place in cases where HR
compliance has been integrated with the overall business strategy of the organization and
where the leadership of the organization has made efforts to make sure that all the employees
of the organization are aware of the significance of HR compliance. In this regard, there are
five basic principles that should be followed by organizations for the purpose of achieving
these objectives.13
12 Nolan, Sara, "Global HR" (2011) 10(4) Strategic HR Review
1. Hiring the right talent - a significant responsibility of the HR function is to hire the
right talent (compensation, legal requirements, employee benefits and talent management), and
this has become a significant issue for present-day organizations. The HR function needs to
acquire the skills, experience and knowledge, or it should be able to access these with the
help of third-party relationships14.
2. Proper education and training - it is also very important that the HR function of the
organization should be well aware of employment legislation and the legal requirements that
can have an impact on the organization at any moment. Changes are taking place in this
legislation and these legal requirements all the time, and therefore it is very important for
HR to remain aware of the latest information available in this regard15.
3. Creating the Employee Handbook and updating it - the Employee Handbook of an organization
is among its most significant documents. It can be described as a communication tool that
needs to mention clearly the procedures and policies of the organization and how its business
needs to be conducted. It is also a best practice to have the handbook reviewed by legal
counsel, and any new procedures and policies should be mentioned in it before its
distribution.
4. Conducting scheduled HR compliance audits - there are several HR functions which are
overworked and understaffed. Regardless of whether compliance issues are present or not, it
is very important that HR function leaders keep the other executives aware of the potential
HR compliance risks as well as the remedies recommended.
The steps mentioned above can help the HR function of EveryFirm International in achieving
the objective of maintaining HR compliance for the organization.
13 Boussalis, Constantine, Yuval Feldman and Henry E. Smith, "Experimental Analysis Of The
Effect Of Standards On Compliance And Performance" (2017) 12(2) Regulation & Governance
14 J Brown, The handbook of program management: how to facilitate project success with optimal
program management.
15 "What is Risk Management | Risk Management | Marquette University", in Marquette.edu, 2020,
<https://www.marquette.edu/riskunit/riskmanagement/whatis.shtml> [accessed 2 March 2020].
Answer to question no- 4
Letter illustrating role of recruitment, vetting and training
activities in supporting compliance and risk culture
To
The Executive Team,
EveryFirm International
Re: report illustrating the role of recruitment, vetting and training activities in supporting
compliance and risk culture as well as specific recommendations regarding recruitment of
interim head of compliance.
Introduction
This report sets out the key understanding of the role of recruitment, vetting and training
activities in supporting compliance and how they could be used to strengthen the overall
objectives and goals. However, as a good practice in supervision, procedures should be present
for making sure that the supervisors have proper training and competence.
Role of recruitment, vetting and training activities in supporting compliance
It is significant to make sure that it has been demonstrated by the organization that
employees have the required competence regarding skill and knowledge before they are going to
work with reduced supervision. In the present report, some examples of good practices in
recruitment, training and supervision of the employees are also going to be provided.16
Recruitment good practices
It is important to have a process of recruitment in the organization that is capable of making
sure that the individual selected is fit for the role. The roles and responsibilities should
also be established clearly and they should also be documented. An appropriate initial
training plan should also be put in place17.
16 Casson, Peter, "Market Risk, Corporate Governance And The Regulation Of Financial Firms"
(1996) 4(2) Journal of Financial Regulation and Compliance
Training and qualifications good practice
It is very important to have a training plan for the forthcoming year. This plan should
contain the schedule for the training events in advance.
Of the advisors should also be in place before getting higher qualifications and also for
improving their skills and knowledge. Complex cases should also be discussed during the
recorded training events. There are a number of training and assessment methods that can be
used for developing competence. These include market and product training, mock exams and
practical training like the mock sales interview.
Good practices in supervision: procedures should be present for making sure that the supervisors
have proper training and competence. Similarly, clear procedures and criteria should be present
for evaluating the competence of advisors. There should be measurable benchmarks for the
development of non-competent staff to competence, and time scales should be established for
making this happen.
The culture of an organization
The culture of an organization plays a significant role in making sure that the customers remain
at the heart of how the organization manages its business. The manner of incentivizing the
employees, and how their performance is managed, remains the key driver of the culture of the
organization. The significance of making sure that the progress made with financial incentive
structures for the front-line employees is not undermined by other practices related to
performance management also needs to be highlighted. It has been seen that there has been a
rise in the level of intelligence regarding poor practices concerning performance management.
Even though evidence of widespread issues has not been identified, certain examples of poor
practices have been identified.
17 "5 Steps to Effective Strategic Risk Management | Workiva", in Workiva.com, 2020,
<https://www.workiva.com/blog/5-steps-effective-strategic-risk-management> [accessed 2 March 2020].
Recommendations regarding the recruitment of the interim head of compliance and risk
The senior management of the organization should make sure that the risks related to poor
performance in the organization are identified and that adequate controls are put in place
within the organization. Objectives should be established for the staff that are balanced and
include adequate behavioral measures. Monitoring of the communications related to sales
results, and of the records provided by formal procedures like appraisals, should be
considered for finding any signs of undue pressure among the employees18.
It can be stated in the end that, in order to successfully implement risk management
processes, a risk management culture should be created within the organization. This culture
should allow the managers, employees and other stakeholders to remain aware of the importance
of risk management for the organization and its projects. In addition to this, there is a need
for more harmonization in the business's recruitment and selection work program in order to
mitigate the counter results of the process. Nonetheless, the risk management
Conclusion
After assessing all the details and the case study, it can be inferred that examples of good
practices in recruitment, training and supervision of the employees have been provided.
Monitoring of the communications related to sales results, and of the records provided by
formal procedures like appraisals, should be considered for finding any signs of undue
pressure among the employees. Nonetheless, as a good practice in supervision, procedures
should be present for making sure that the supervisors have proper training and competence.
18 M Musaali, "The Board Management Nexus in Corporate Governance", in SSRN Electronic Journal,
2010.
Bibliography
"5 Steps to Effective Strategic Risk Management | Workiva", in Workiva.com, 2020,
<https://www.workiva.com/blog/5-steps-effective-strategic-risk-management> [accessed 2 March 2020].
"What is Risk Management | Risk Management | Marquette University", in Marquette.edu, 2020,
<https://www.marquette.edu/riskunit/riskmanagement/whatis.shtml> [accessed 2 March 2020].
Babayants, Eleonora, "Information – Governance, Risk, Compliance" (2018) 6(3) Pharmacy &
Pharmacology International Journal
Brown, J, The handbook of program management: how to facilitate project success with optimal program
management.
Boussalis, Constantine, Yuval Feldman and Henry E. Smith, "Experimental Analysis Of The
Effect Of Standards On Compliance And Performance" (2017) 12(2) Regulation & Governance
Casson, Peter, "Market Risk, Corporate Governance And The Regulation Of Financial Firms"
(1996) 4(2) Journal of Financial Regulation and Compliance
Hooghiemstra, Reggy and Hans van Ees, "Uniformity As Response To Soft Law: Evidence From
Compliance And Non-Compliance With The Dutch Corporate Governance Code" (2011) 5(4)
Regulation & Governance
Humphress, Rick Douglas, "Turning Up The Heat: Governance, Risk, And Compliance
Technology And Performance Fraud" [2010] SSRN Electronic Journal
Humphreys, Edward, "Information Security Management Standards: Compliance, Governance
And Risk Management" (2008) 13(4) Information Security Technical Report
Loste, A, "Executive Summary: Scenarios, Real Options And Integrated Risk Management", in Long
Range Planning, 36, 2017, 12.
Maphanga, Godrey Cyprian and Osden Jokonya, "The Risk Of Users’ Negative Behaviours
Influence On Information Security Compliance Policy In Organizations" (2017) 7(4) Risk
Governance and Control: Financial Markets and Institutions
Musaali, M, "The Board Management Nexus in Corporate Governance", in SSRN Electronic Journal,
2010.
Nolan, Sara, "Global HR" (2011) 10(4) Strategic HR Review
Roy, Amitava, "Corporate Governance Compliance, Governance Structures, And Firm
Performance" [2017] SSRN Electronic Journal
Wagner, P, & B Barkley, Global program management, New York, McGraw-Hill, 2010.
Weaver, R. Kent, "Compliance Regimes And Barriers To Behavioral Change" (2013) 27(2)
Governance