Executive Report

Enterprise Risk Management: Understanding the Value of the Risk and Control Self-Assessment Technique

Posted September 19, 2011 | Leadership |

Abstract

Implementing an enterprise risk management (ERM) framework requires a technique to help identify risks and assess the effectiveness of existing controls through the three lines of defense of risk governance. The risk and control self-assessment (R&CSA) is one of those techniques. This Executive Report explores the power of R&CSA and its application to deliver value.

About The Author
Ken Doughty
Ken Doughty, CISA, CRISC, CBCP, is a Senior Manager at OnePath Australia (formerly ING Australia). He has more than 25 years' risk management experienced gained from IT auditing, business continuity, project management, IT management, and operational risk management in the public and private sectors. Mr. Doughty lectures at Macquarie University (Australia); has been published frequently in leading auditing, business continuity, and ERM journals… Read More
Don’t have a login? Make one! It’s free and gives you access to all Cutter research.