Our approach is designed based on the framework set out by The Committee of Sponsoring Organisations of the Treadway Commission (“COSO Framework”) which is widely adopted by various professional bodies, government agencies and conglomerate organisations. The approach covers mainly the review and assessment of risks identification and precedes risk response, including the impact of the identified risks, individually and collectively, in order to focus management’s attention on the most important opportunities and threats. We assist the management in measuring and prioritizing risks within defined tolerance thresholds. Risk map will then be developed by designating a risk level for area of the graph, combined impact and likelihood ratings. After plotting on the risk map, the executive leadership team and board members will pay particular attention to management’s actions to respond to “key risks” identified in the risk mapping exercise.
In general, the above approach covers five key components of internal control, including Control Environment, Risk assessment, Control activities, Information and Communication, and Monitoring.