The DOJ Evaluation of Corporate Compliance Programs states:
• Risk Management Process – What methodology has the company used to identify, analyze, and address the particular risks it faced?
• Information Gathering and Analysis – What information or metrics has the company collected and used to help detect the type of misconduct in question? How has the information or metrics informed the See more +
The DOJ Evaluation of Corporate Compliance Programs states:
• Risk Management Process – What methodology has the company used to identify, analyze, and address the particular risks it faced?
• Information Gathering and Analysis – What information or metrics has the company collected and used to help detect the type of misconduct in question? How has the information or metrics informed the company’s compliance program?
I continue my exploration of the risk management process by focusing today on risk assessments.
One cannot really say enough about the role of risk assessment in compliance programs. Each time you hear a regulator talk about compliance programs, it starts along the lines of you cannot manage your FCPA risk without first determining what your company’s risk is; and to determine that compliance risk, the process you should utilize comes through a risk assessment.
See less -