For many firms, their risk assessment process including an assessment of Inherent and Residual Risk. Inherent Risk is the level of risk before controls have been applied and Residual Risk is the level of risk after controls have been applied.
Inherent Risk should be assessed as part of the definition of a risk and is re-assessed after a risk event occurs if the root cause analysis of the event generates new insights or knowledge that cast doubt on the current Inherent Risk assessment.
For example, the delivery of a major initiative, the implementation of major new system or similar transformation change should lead to a re-assessment of the Inherent Risk.
KRM22’s Global Risk Platform provides applications to help you address your firm’s regulatory, market, technology and operations risk challenges and to manage your entire enterprise risk profile. KRM22 is a public Group listed on AIM and headquartered in London.