The new version focuses on the following aspects:
Revision of the auditor's report:
Adopting the revised standard would require companies to revamp their risk management program to ensure:
That, however, is easier said than done. According to a recent Deloitte survey of German companies, while there is a growing awareness of the benefits of a risk management system as an efficient corporate management tool, only 56% of those surveyed said that they were planning a revision of the risk management system to adapt to the standard. A considerable number of firms have simple and poorly coordinated measures, and more than half of the respondents said that they neither have a documented risk strategy, nor a concept for determining risk appetite.
The company identified the need to upgrade its risk and compliance management program which had become increasingly cumbersome, siloed, and inconsistent. The risk teams struggled to aggregate, reconcile, and report risk data from across the lines of the business. Without a real-time view of risks, leaders couldn’t make informed business decisions. The company chose MetricStream for its out-of-the-box Integrated Risk Solution, for its simplicity and robustness. With the implementation, the company successfully standardized risk and compliance processes, frameworks, and standards across the enterprise. MetricStream established a common risk taxonomy across the lines of the business, so that everyone could communicate in a harmonized manner. Meanwhile, comprehensive risk event forms had improved the quality of risk reporting. Looking at the data, stakeholders could easily identify the root causes of risk events, as well as common themes across the business.
With the standard already in force, companies have to act now to adapt their risk management system to the new regulatory requirements. This is where MetricStream can help companies achieve compliance with the new standard in a seamless and streamlined manner while being resilient to future crises.
The MetricStream IDW PS 340 n.F. solution enables a structured and systematic approach towards managing organizational risks. Built on the MetricStream Platform, and supported by uniform risk assessment methodologies and standards, the solution gives organizations the ability to identify and report emerging risks, accurately understand risks, and gain clear visibility into the top risks they face. The “multi-dimensional organization structure” functionality helps model risk management programs based on organizational hierarchies. Multi-dimensional risk assessments and aggregation based on several qualitative and quantitative parameters can be performed to establish the organization’s risk profile. Real-time insights into risk management programs are offered through powerful analytics, advanced heat maps, reports, dashboards, and charts enabling organizations to make risk-informed decisions that optimize business performance.