LP-Risk(Lateral Praxis – Risk Monitoring System)

increase risk oversight and drive performance improvement

Risk Architecture of a group enterprise

“The goal is not to predict what or when – but instead

be prepared and able to respond in an informed and

planned manner to minimize the impact of a disruption.”

Direct & Monitor

reports & evaluation

the BoarD

� Overall responsibility

� Ensure risk management is embedded into all processes and activities

� Review group risk profile

auDit coMMittee

� Receive routine reports from GRMC

� Set annual audit programme and priorities

� Monitor progress with audit recommendations

� Provide risk assurance to the Board

� Oversee RM structures and processes

Group risk MonitorinG coMMittee

� Formulate strategy and policy based on risk appetite,risk attitudes and risk exposures

� Receive reports from business units, review risk management activities and compile the group risk register

� Receive reports from business units and make reports and recommenda-tions to the Board

� Track RM activity in the business units and keep the risk management context under review

Disclosures coMMittee

� Review and evaluate disclosure controls and procedures

� Consider materiality of information disclosed to external parties

Business units

� Produce BU-specific policy statements, as necessary

� Prepare and update the business unit risk register

� Set risk priorities for business unit

� Monitor projects and risk improvements

� Prepare reports for GRMC

� Manage control risk self-certification activities

BackgroundRisk profiles are changing as businesses’ operating models become more globalised, and supply chain and transport networks become increasingly complex, interconnected and interdependent.Major disruptions in the last few years—including the global financial crisis, terrorist scares, flooding in Thailand and the Bangladesh warehouse issues—all of these have heightened public discussion on risk preparedness.Spreadsheets & ledger entries in multi-locations don’t cut it any more. Companies need to create a central framework to continually monitor their internal and external environments and identify potential sources of risk early, assess those risks, and respond based on the organisation’s risk tolerance.

Risk Culture

Failures in risk culture were the primary cause of the credit crisis of 2008. It is easy for large, disparate group compa-nies to fall into several behavioural traps that lead to poor decision making.Enterprise Risk manage-ment processes can prevent such pitfalls if implemented with commitment from the board.

LP-Risk—holistic framework designLP-Risk is a risk identification and monitoring solution capable of tying in all three components (Operational, Strategic, & External) via an organisation’s Risk Committee and Chief Risk / Compliance Officer.

LP-Risk is never off-the-shelfEvery company is unique. Best practices are a given but Lateral Praxis is always conscious that hands-on customisa-tion is the key to a successful implementation. We consider your needs in the context of:

� Our complex financial markets � Your unique products and services � Diverse technologies you work with � Your individual appetite for risk � Simplicity or complexity of your business processes

Business often means having to take risks. Especially smart ones.

Regulatorychange

DisruptiveTechnology

ManagementSuccession

Industrymaturity

OperationalRisk

EnterpriseRisk

NaturalCatastrophes

CompetitiveEnvironment

LiquidityFinancing

Risk in perspective

Steve Jobs was willing to cannibalise his com-pany’s products in the name of progress. Many CEOs would have been hesitant to develop the iPhone, knowing full well that it would help to make the iPod obsolete – but Jobs did it anyway (and took a big bite out of the lucrative mobile market).

LP-Risk: Secure multi-level accessRisk Committee Members will view data of the organization as well as for its subsidiaries while preventing reverse access as needed for security.LP-Risk ties in neatly into SAP, ERP & internal auditing solutions, including our own products: LP-Audit & LP-CMS.

Training, Support & UpdatesLP-Risk support means hands-on training and regular updates. Remotely administered software upgrade patches are effortless and never disrupt client operations.

Risk Identification & QuantificationThe LP-Risk framework must be customised to your need and deployed in a transparent, streamlined process. In line with the internationally accepted COSO ERM framework our processes are: (see COSO cube at right)

� Establishing Context: Current conditions in which the organization operates on an internal, external and risk management context.

� Identifying Risks: Document threats to the organization and the representation of areas you may exploit for competitive advantage.

� Analysing/Quantifying Risks: Creation of probability distributions of outcomes for each material risk.

� Integrating Risks: Aggregation of risk distributions, correlations, and impact on KPI.

� Assessing/Prioritising Risks: Determination of the contribution of each risk to the aggregate risk profile, and appropriate prioritisation.

� Treating/Exploiting Risks: The development of strategies for controlling / exploiting various risks.

� Monitoring and Reviewing: Continual measurement and monitoring of the risk environment and the performance of the risk management strategies.

SubsidiaryBusiness U

nitD

ivisionEntity -Level

Strategic

Operations

Reporting

Compliance

Internal Environment

Objective Setting

Event Identification

Risk Assessment

Risk Response

Control Activities

Information & Communication

Monitoring

CenterPoint, MVIRDC, World Trade Centre, Centre 1, 1st Floor, Cuffe Parade,Mumbai - 400 005, Maharashtra, INDIATel: +91 22 6638 7272Fax: +91 22 2218 8175

email: preet@lateralpraxis.comWebsite: www.lateralpraxis.com

i n c l u s i v e i n n o v a t i o n

Sample heat mapping screen

The LP promiseReliable, actionable information, provided in a consistent, rule-bound time line.

The Leadership Challenge

Managing risk is very different from managing strategy. Risk manage-ment focuses on the negative—threats and failures rather than opportunities and successes. It runs exactly counter to the “can do” culture most leadership teams try to foster when implementing strategy. By definition, businesses need to balance risk exposure to stakeholder value.

LP-Risk Dashboards and action screensOur LP-Risk dashboards are executive information systems that enhance visibility of performance and allow tracking of your key risk performance indicators. Collating data from disparate systems, our dashboards present a unified view of the information. We enable your risk committee, directors, managers & users to have a personalised insight of their risk status and quickly spot problems before they adversely affect the business.

Your dashboard will:

� Allow the Risk owner to set out the Risk Mitigation Plan

� Define mitigating actions for the risk � Set frequency of execution, target date with

auto-reminders � Allows computation of the cost of mitigation � Single screen view, including collapsible subsidiaries’

information, with overall status � Links to SAP, LP-CMS & LP-Audit—our internal

auditing solution � Provides easy pick of risks from organization’s

environment to subsidiary’s environment � Links with the companies’ HR database. The latest

employee status is reflected and risks can be re-assigned as needed

Your Gain � Economic in cost, time & resources. Low TCO,

Low implementation period, Low IT footprint � A secure, consistent, dependable risk monitoring

process for the enterprise and subsidiaries � Prevent duplicitous monitoring of business

processes and meet reporting requirements � A secure, succession-proof knowledge repository

allowing smooth, secure employee changeovers Risk perception: despite the quantifications and metrics, risk perception is mostly a people driven, cultural ethos; part of a company’s DNA. Shoehorning an organisation into a pre-configured ERM process delivers very little.Implementation to us, means getting involved with your company and translating your risk perception into a unique process that you know covers all areas that concern you, in the priority you choose.

We are good at this —call us.