There are lots of ways to do this, some people evaluate the 5 P's
People, Products, Procedures, Politics, Prior Audits
Our risk assessment methodology is based on a two-part process which involves establishing a weighting base for each significant area of risk utilizing the Bank’s internal experience in key areas (“Relative Risk”) and applying the base against external or industry risks associated with each area, to arrive at the level of risk specific to the Bank’s markets and regulatory environment (“Combined Risk”).
Relative Risk Factors include:
Previous Audits (audits, exams, or other outside review results)
Changes in Processes, Procedures or Systems
Changes in Products
Changes in Personnel and Management
Size and Complexity of the Department or Function
Experience and Training
Combined Risk Factors include:
Credit
Market
Liquidity
Operational
Legal
Reputation
Relative Risk
_________________________
THANK YOU GOVERNMENT:
“If I seem unduly clear to you, you must have misunderstood what I said” - A. Greenspan