Objectives and Discussion Questions
This chapter examines the "8th element" of an effective compliance program - risk assessments. This is a tool that can be applied at a very high level (ERM), at a department level, or at a project level. It is a process that typically involves an inventory of risks, some type of quantified scoring of each risk, reporting out using a dashboard or other visual, and finally remediation. Risk assessments are a feeder to prioritization and goal setting. Enterprise Risk Management is the application of a risk assessment tool to the full breadth of risks in a corporation -- regulatory, financial, operational, and strategic.
Discussion Questions:
1. Should a heatmap or dashboard used to report out a compliance department's top regulatory risks be attorney-client privileged? Why or why not?
2. How would you describe to a CEO the rationale for conducting an annual risk assessment of the compliance regulatory risks? Why would a compliance leader use this type of exercise?
3. What are the reasons a corporation might NOT choose to have a separate and defined ERM program?
This book, and all H2O books, are Creative Commons licensed for sharing and re-use with the exception of certain excerpts. Any excerpts from the Restatements of the Law, Principles of the Law, and the Model Penal Code are copyright by The American Law Institute. Excerpts are reproduced with permission, not as part of a Creative Commons license.