In today’s ever-changing business environment of market complexity

globalization and increasing investor expectations, managing risks while providing value is more important than ever before. Successful organizations should change and evolve to remain competitive but if the control environment doesn't adapt accordingly, then the risks of failure grow too.

Enterprise risk management (ERM) serves as the leading approach to managing and optimizing risks, strategically identifying, analyzing, overseeing and monitoring the potential risks to an organization. This approach enables a company to determine how much uncertainty and risk are acceptable to continue to add value to the organization.

Grant Thornton is well positioned to offer a range of services to assist organizations in determining their exposure to various risks associated with ERM, as businesses attempt to create integrated and transparent risk management practices and move away from disconnected multiple risk functions.

Our team is highly experienced in the assessment of process risk and control and use a rigorous approach to assess business processes. We can help you to identify and understand the inherent risks within key processes, and whether your existing controls are adequate and efficient in mitigating those risks. ERM services include:

• Designing and implementation of an ISMS under the ISO 27001 standard
• Designing and implementation of a QMS under the ISO 9001:2008 standard
• Advisory on the ERM framework, compliance with COSO framework
• Advisory on the Operational Risk Management (Basel II)
• Advisory in implementation of an Internal Control Framework (COSO)
• Internal auditing, risk based audit reports
• Advisory on development of the internal audit function
• Audit of business process

• align risk management activities with business objectives to drive value
• enhance coordination among risk and control groups to eliminate redundancies
• improve the risk assessment process to better anticipate and understand risks
• increase awareness of key risks and their respective key controls
• enhance ownership by process owners for their control environment
• provide senior management with the most up to date information regarding risk that may be used in the decision making process
• improve accountability and transparency among all levels of Boards, senior management and interested parties
• introduce of the new controls and processes to address newly emerging business risks.