The world’s first software-as-a-service (SaaS) Anti-Bribery Risk Assessment solution

The Anti-Bribery Risk Assessment Tool makes it easy to identify, assess, mitigate and manage bribery and corruption risks

Completing a New Anti-Bribery Risk Assessment

Getting started

To start a risk assessment select New Assessment from the main menu, which will direct you to the Assessment Information screen which is used for:

  • Naming the assessment
  • Selecting the assessment type
    • Full Assessment (includes external and internal risk factors)
    • External Risk Factors Only
    • Internal Risk Factors Only
  • Select industry sector from the 30+ available

The 300+ risk factors have been configured against each of the 40+ industry sectors which creates default out-of-the-box settings that can be adjusted as required.

Completed By

Next provide the following details outlining who is completing the risk assessment:

  • Full name
  • Company name
  • Position/Title
  • Telephone
  • Email address
  • Assessment period

Provide context behind the risk assessment

 

The context fields are mandatory for full assessments only – below is a summary of the key fields:

  • General comments
  • Nature, size and complexity of the business
  • Number of employees
  • Key lines of business subject to anti-bribery legislation
  • Products/services offered
  • Channels for delivery of regulated business to end customers:
  • Ownership structure of the business
  • Types of customers and countries the organisation deals with
  • Description of how the ABC risk assessment will be kept current
  • Process for updating/refreshing the ABC risk assessment
  • Name of the person responsible for oversight of ABC and contact details

Risk Factors

There are over 300 different risk factors that are organised into a hierarchy – Group, Category and Sub-Category with risk factors rolling up to these levels.

The risk factor is in the form of a question with an associated assumption / risk context description that explains the rationale as to why the risk factor should be considered.

The weight field is carried over from the configuration settings and is used in the calculation of a risk score at the risk factor level.

The scoring scale goes from 0 to 5 (low to high) and appears in the model rating summary report.  The end user should answer Yes or No to the question and provide any relevant comments that assist in explaining the assessment.

Inherent Risk Rating

The end user must then assess the inherent risk, meaning the likelihood of a risk event occurring, multiplied by the impact of a risk event if it were to occur to provide an overall inherent risk rating.

The likelihood rating is a six point scale and includes the following values – not applicable, rare, unlikely, likely, very likely and guaranteed.

The impact rating is also a six point scale and includes the following values – not applicable, insignificant, low, moderate, high and extreme.

The risk assessment tool has in-built logic to calculate the overall inherent risk rating based on the likelihood x impact and a field to capture any relevant comments.  The inherent risk score for every risk factor is plotted into the inherent risk matrix on the final PDF report to display the inherent risk concentration across all active risk factors present in the model.

Residual Risk Rating

Next consider the existence and effectiveness of mitigating controls that can serve to reduce the overall inherent risk rating (or conversely, if non-existent or poor/ineffective then the overall inherent risk rating will be higher), which results in an overall residual risk rating with a rating scale from Low to High.   The end user should also document the nature of control measures designed to reduce risks.

The effectiveness of control rating comprises a six point scale and includes the following values – not applicable, none, poor/ineffective, fair/moderately effective, good/effective and excellent/highly effective.

The residual risk score for every risk factor is plotted into the residual risk matrix on the final PDF report to display the residual risk concentration across all active risk factors present in the model.

Why not sign up for an obligation free trial today?

Contact us and we will provide you with access to a limited functionality no obligation free trial today!