Corruption Risk Assessment Worksheet
Featured in Compliance Week
This worksheet depicts one method to capture the data generated during the Corruption Risk Assessment. Please note that this is just a starting point. A complete risk assessment worksheet would include many other risks/schemes to cover all possible risk scenarios using the method discussed in the text.
The Risk Data cells shown on the worksheet are completed based on input from the steering committee. In addition to the example depicted, additional risk areas, schemes, and methods should be identified, which could include: International Sales, International Suppliers, Actions by Agents, International Business Development, etc.
Note that the Inherent Risk scores for Likelihood and Impact are entered based on the Rating Guide. These are added to arrive at an Overall Risk Rating. Mitigating controls are linked to each identified risk. Testing results from prior years provide insight into the operation of each of the mitigating controls.
A scenario whereby the steering committee has rated the Overall Risk Rating high for a specific Scheme/Method and the mitigating control(s) are operating properly based on independent testing, provides management with assurance the identified risk is adequately mitigated.
Inherent Risk – Before considering controls that may be in place
Scale of 1–5
1: Unlikely to occur
3: Possibly could occur
5: Likely or has occurred
Impact Rating – Assumes control failed and scheme occurred
1: Little impact
3: Controls compromised moderate impact
5: Bribe paid, high impact
Overall Risk Rating: Sum of Inherent Risk + Impact
S: Satisfactory, no, or only minor exceptions noted
I: Isolated exceptions or exceptions not related to anti-corruption control failure
U: Unsatisfactory or significant exceptions noted