InFission approach for Risk Assessment and Control Verification
At InFission, our Compliance Director is responsible for setting up the program office and selecting the controls framework, conducting management interviews, and reviewing prior year control documents.
The global process owners are ultimately responsible for identifying the inherent risk exposure, as well as the certification of control effectiveness in their process. However, many process owners also require their staff to identify any risks and verify the controls for which they are responsible.
At InFission, the Chief Financial Officer (CFO) has also appointed a Compliance Director as the head of Compliance Program Management Office (PMO) in order to assist the management to complete the risks assessment and control verification activities. The Compliance PMO team uses Oracle GRC Manager and Oracle GRC Intelligence to obtain qualitative risk rating by creating risk assessment questionnaires that provide management response...
