Helping You Manage Risk Every Day

Top 5 Tips for Conducting Effective Risk Assessments

Risk assessments are an essential component of corporate compliance and ethics programs that organizations cannot afford to overlook. When conducted properly, risk assessments are an effective way for companies to monitor and evaluate potential compliance risk within an organization. Here are the top 5 tips, based on our experience, for creating and conducting effective risk assessments:

1. Understand the importance of risk assessments. Risk assessments aren't just a legal obligation. They are an integral element to creating, implementing and enforcing an effective compliance and ethics program. Building annual risk assessments into your company's compliance program is a must. Enforcement authorities increasingly expect companies to have formal processes for periodic assessment of compliance risks and to take appropriate steps to design and implement the risk assessments.

2. Design and implement a formal risk assessment process. The methods for conducting risk assessments should be tailored to the organization's specific industry, size and structure, and may include the use of questionnaires, employee surveys, live assessments and workshops, self-assessments, and interviews. Oftentimes, having an outside team conduct an initial live risk assessment workshop with an organization's senior management teams in order to identify high-level areas of concern is the appropriate first step. These workshops enable organizations to begin charting areas of concern and potential remedial action plans. Other times, providing the organization with a toolkit that can be used to conduct self-assessment exercises internally, including holding risk assessment workshops, is a more suitable option.

3. Be objective. To be effective, a risk assessment must be objective and comprehensive in its coverage of risks. It must also engage employees and functional leadership in a dialogue about what specific issues or concerns keep them up at night.

4. Conduct risk assessments regularly. Risk assessments should be a regular, systemic part of compliance efforts rather than an occasional, infrequent exercise performed when convenient or after a crisis. It is important to conduct risk assessments at the same time every year and deputize a consistent group, such as your internal audit department, compliance committee, or outside legal team to conduct the annual review.

5. Recognize the compliance risks and undertake a comprehensive review. Compliance programs should address key risk areas such as effective understanding and enforcement of company policies. Companies should conduct due diligence on business partners and implement effective internal controls for accurate books and records. Employees should be able to report violations confidentially without fear of retaliation. These are all important areas to be mindful of while conducting risk assessments. It is also important to memorialize risk assessment findings in an internal annual reporting process. Once the assessment is complete, the compliance or audit team should carefully compile its findings and recommendations in a comprehensive report to be presented to the chief compliance officer, board of directors, and/or other senior management for review and consideration of appropriate next steps.

What works for one particular organization may not work for another. What is important is to regularly analyze and evaluate the potential risk areas that are present within your company, in order to minimize those risks to the greatest extent possible.

Outside General Counsel™ and Nicoll Davis & Spinella partner with employers to ensure that their businesses are properly conducting regular and effective risk assessments, and to minimize their risk by alerting them to potential violations or internal concerns before those potential issues turn into big legal problems. For information on how our firm can help you, contact Christopher Santomassimo at 201-712-1616 or [email protected].
