Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
E N T E R P R I S E R I S K M A N AG E M E N T
42
J A N UA RY / F E B R UA RY 0 5 I S S U E 2 2
G L O B A L A S S O C I AT I O N O F R I S K P R O F E S S I O N A L S
E N T E R P R I S E R I S K M A N AG E M E N T
that has built-in risk controls; and (4) obtain support for
the product or service from business units like information
technology and human resources.
Although the business division that is rolling out a new
product or service is primarily responsible for assuring
that sufficient staffing is available and that the banks IT
systems can handle the launch, the enterprise risk manager must make certain that these factors have been
addressed.
Final Thoughts
If you take a closer look at Sarbanes-Oxley testing
requirements and Basel II requirements on operational
risk (excluding disasters and other low-frequency/highimpact items), there are many similarities. Basel II
requires operational risk to be assessed on the possibility
of failures by people, processes or systems; similarly, the
success of a Sarbanes-Oxley implementation is determined, in part, by the absence of errors in a firms corporate governance controls.
In fact, there are a significant number of metrics that can
be commonly measured and used for Basel II and Sarbanes
Oxley. It therefore makes sense for the enterprise risk manager to attempt to integrate systems when designing the
VIDYASAGAR PULAVARTI, a freelance consultant, is a Chartered Accountant from India. Over the course of his career, he has worked
at three of the worlds largest accounting firms: PriceWaterhouseCoopers, KPMG and Deloitte & Touche. He is currently consulting on
projects in Bermuda, UK and India and can be contacted at vidyasagar_p@hotmail.com.
J A N UA RY / F E B R UA RY 0 5 I S S U E 2 2
43