We start with a standard questionnaire with the most relevant questions about your risk management to get insight into the current risk management system. After that, we study the relevant documentation depending on the desired depth of the review, to picture the design of your risk management and the processes that are done.
Then, we determine a risk profile and working hypotheses based on the gained knowledge of your organization and our experience with other organizations. After determining the risk profile, we interview the relevant people involved based on these hypotheses. These interviews give us an insight into the processes, effectiveness, and points of improvements of your risk management. Lastly, we describe our findings in a practical report with concrete recommendations for implementing improvements.
- We provide targeted expertise, depending on the specific features or desires of the fund;
- We assess the fund’s risk profile and come up with focused and targeted recommendations;
- We analyze the complete risk management framework with the option to focus on specific areas;
- We deliver pragmatic and applicable recommendations;
- We deliver concrete action plans to implement recommendations;
- We implement or support you with implementing the recommendations.
A brief check of the most important elements of risk management within your organization by studying policies and executing (a limited number of) interviews.
An extensive analysis of risk management. We analyze your documentation (policies, reports, etc.) and interview key players within the organization to assess its design and effectiveness.
As we start to fulfill the key function, we pay attention to relevant policies and reports of the organization. We also speak with involved employees to get a view of the status and attention points around risk management.
Substantive Key Points
As we review the framework, we focus on functional and hierarchical components of risk management:
- Organization and governance of risk management;
- Risk management policies in different areas (e.g., investments, IT, or privacy);
- Investigations and assessments performed by the organization;
- Use of available reports;
- Processes performed by the organization.
We also assess how the monitoring of these components is set up, carried out, and followed up on, as well as the evaluation of the risk framework. This way, all maturity levels of risk management are included.