The expertise and experience gained in implementing GRC processes enable HMS to help organizations that operate in a dynamic, competitive market handle the planning and implementation uncertainties caused by internal and external elements of risk, which may impair the organization’s profitability and stability. Moreover, managing risk in a balanced and conscious way gives the organization the ability to handle risk better while taking into account cost/benefit considerations and organizational requirements.
- In-depth business understanding in setting up Enterprise Risk Management (ERM) arrays
- Using the world’s leading Best Practice methodologies (COBIT, COSO)
- IT system integration; risk management policy implementation; the monitoring and minimization of risk within the organization
- Familiarity with the relevant supervisory bodies, and direct interaction with or on behalf of them
Main services provided in this field:
- Carrying out Enterprise Risk Management (ERM)
- Carrying out a comprehensive Governance, Risk management and Compliance (GRC) survey, including embezzlement and fraud
- Provision of guidance and assistance in implementing the risk survey recommendations, including the handling of all IT aspects
- Preparing policy documents and practice procedures, configuring Key Risk Indicators (KRI) as well as control mechanisms
- Assistance in setting up risk management units and appointing a central risk officer (CRO)
- Setting up the IT Governance array
- IT Risk and Information Technology Maintenance
- Corporate Governance
- The carrying out of compliance surveys in accordance with regulatory requirements applicable to the capital market
- Provision of assistance in the assimilation of systems that support Governance, Risk management and Compliance (GRC)
- Carrying out risk assessments within the IT array
The currently leading GRC methodology in financial bodies is based, inter alia, on the Basel II guidelines (adopted by the Banks Supervisor). Many capital market organizations and commercial companies have opted to implement these principles (adapting the guidelines to each and every organization).
In view of past experience and in accordance with market trends, we predict that risk management processes, ERM and GRC in particular, are to be made compulsory, and that it will become obligatory to implement them not only in banks but in any entity acting in the Israeli financial sector.
- Governance, Risk management and Compliance (GRC) includes, inter alia: provision of assistance and guidance throughout the entire GRC process within the organization, including through the processes of planning and implementation, and through the process of complying with regulatory requirements.
- HMS applies a structured methodology for risk management and for the carrying out of risk surveys, taking into account the various components (organizational structure, processes, systems, risk types, risk factors and controls) and integrating them into risk projects.