Kelly Alwin on the Frequency of Risk Assessments [Podcast]


By Adam Turteltaub

When it comes to risk assessments, the word “annual” comes up a lot. But, Kelly Alwin, Regional Compliance Officer North America for SAP America, believes that once a year may be more than a bit too long.

To her, a risk assessment is more than a periodic assessment and an annual chore. It is critical to the program’s success and lends credibility and substance to the compliance program. She points out that from the Delaware Chancery Court to the US Department of Justice, the importance of a strong risk assessment is underscored.

In this podcast she argues that, for the risk assessment to play the role it should, it can’t afford to sit on the shelf. It needs to be a dynamic document that both informs all the other elements of the program and evolves as risks evolve, whether due to a new go to market strategy, a merger or an entry into a new market.

Bottom line: look at your risk assessment, she advises, not as a discrete activity but as a continuous analysis. Incorporate micro assessments, embrace continuous improvement, and, hopefully, enjoy a more effective compliance and ethics program as a result.