The world’s first software-as-a-service (SaaS) Fraud Risk Assessment Tool
The Fraud Assessment Tool makes it easy to identify, assess, mitigate and manage fraud risks
Completing a New Fraud Risk Assessment
To start a risk assessment select New Assessment from the main menu, which will direct you to the Assessment Information screen which is used for:
- Naming the assessment
- Selecting the assessment type
- Full (includes all of the following dimensions collectively)
- Internal Risk Factors Only
- External Risk Factors Only
- Select industry sector from the 40+ available
The 550+ risk factors have been configured against each of the 40+ industry sectors which creates default out-of-the-box settings which can be adjusted.
Next provide the following details outlining who is completing the risk assessment:
- Full name
- Company name
- Email address
- Assessment period
Provide context behind the risk assessment
The context fields are mandatory for full assessments only – below is a summary of the key fields:
- General comments
- Nature, size and complexity of the business
- Number of employees
- Key lines of business subject to fraud risk management
- Products/services offered
- Channels for delivery of regulated business to end customers:
- Ownership structure of the business
- Types of customers and countries the organisation deals with
- Description of how the Fraud risk assessment will be kept current
- Process for updating/refreshing the Fraud risk assessment
- Name of the person responsible for Fraud oversight and contact info.
There are over 550 different risk factors that are organised into a hierarchy – Group, Category and Sub-Category with risk factors rolling up to these levels.The risk factor is in the form of a question with an associated assumption / risk context description that explains the rationale as to why the risk factor should be considered.
The weight field is carried over from the configuration settings and is used in the calculation of a risk score at the risk factor level.
The scoring scale goes from 0 to 5 (low to high) and appears in the model rating summary report. The end user should answer Yes or No to the question and provide any relevant comments that assist in explaining the assessment.
Inherent Risk Rating
The end user must then assess the inherent risk, meaning the likelihood of a risk event occurring, multiplied by the impact of a risk event if it were to occur to provide an overall inherent risk rating.The likelihood rating is a six point scale and includes the following values – not applicable, rare, unlikely, likely, very likely and guaranteed.
The impact rating is also a six point scale and includes the following values – not applicable, insignificant, low, moderate, high and extreme.
The risk assessment tool has in-built logic to calculate the overall inherent risk rating based on the likelihood x impact and a field to capture any relevant comments. The inherent risk score for every risk factor is plotted into the inherent risk matrix on the final PDF report to display the inherent risk concentration across all active risk factors present in the model.
Residual Risk Rating
Next consider the existence and effectiveness of mitigating controls that can serve to reduce the overall inherent risk rating (or conversely, if non-existent or poor/ineffective then the overall inherent risk rating will be higher), which results in an overall residual risk rating with a rating scale from Low to High. The end user should also document the nature of control measures designed to reduce risks.
The effectiveness of control rating comprises a six point scale and includes the following values – not applicable, none, poor/ineffective, fair/moderately effective, good/effective and excellent/highly effective.
The residual risk score for every risk factor is plotted into the residual risk matrix on the final PDF report to display the residual risk concentration across all active risk factors present in the model.
Why not sign up for an obligation free trial today?
Contact us and we will provide you with access to a limited functionality no obligation free trial today!