Risk Assessment Flashcards

1
Q

Risk Assessment

A
  • Must be periodic (annual is not generally required)
  • Methodology should be scalable and timely
  • Identify a baseline risk assessment of operations
  • It is not enough to know about the risks; management must act on them
  • Involve an executive-appointed baseline review team
  • Legal, Finance and Operations should be involved
  • Outside experts as needed and resources allowed
  • Review any previous problem areas (company or industry wide)
  • Compliance Program Guidance from regulators
  • Trade and professional associations are great resources
  • Current issues
  • Emerging Trends
2
Q

Sources

A

Sources of Information
1. Documents
* Previous audit reports or evaluations (Were recommendations followed up on?)
* Existing Policies and Procedures (Available to staff? Being Followed? Adequacy?)
* Training Records (Handouts, plans, attendance records)
2. Staff
* Conduct interviews
* Management’s areas of concern

3
Q

Third-Party Risk

A
  • Due diligence must be performed
  • Background checks and license verifications
  • Compensation (Does it make sense based on industry and geographic region?)
  • Regular evaluations (annual, biannual, etc.)
  • Track red flags and have consequences for misconduct
  • Contract provisions to address risk
  • Understanding of the qualifications and associations of third-party partners (e.g.
    agents, consultants, and distributors, which are commonly used to conceal misconduct, such as the payment of bribes to foreign officials)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Mergers and Acquisitions

A
  • Comprehensive due diligence of any acquisition target
  • Flawed or incomplete due diligence can allow misconduct to continue at the target
    company
  • Potential harm to a business’s profitability and reputation
  • Risk of civil and criminal liability
  • Need a process for tracking and remediating misconduct or misconduct risks
    identified during the due diligence process
  • Need a process for implementing compliance policies and procedures at new entities
5
Q

Developing a Risk-Based Compliance Plan

A
  • Must be developed “periodically” which can vary based on the organization, not necessarily annual (may be more frequent or less)
  • Prioritize risks based on internal surveys, benchmarking, peer data
  • Include input from across the organization
  • Be flexible and adaptable as risks change
  • Acknowledge that not all risks can be addressed every year
  • Use as a tool to communicate the results of risk assessment findings to the board and management