This page contains a Flash digital edition of a book.
20 risk management


How effective is bribery risk assessment as the basis of risk mitigation? asks PwC


Bribery and fraud are fast becoming a top priority for most businesses and governments alike. Conducting a comprehensive risk assessment is the foundation for successful risk management and mitigation, as without a clear understanding of your risks, it is impossible to know if you’re covering all the bases, says Ranjit Auluk, PwC’s South East partner in forensic services


Last month we supported a new Transparency International UK document on how firms can take action to mitigate the effects of bribery. ’Diagnosing Bribery Risk’ is a practical guide to effective bribery risk assessment which we believe will help firms grasp these issues head on.


The guide is aimed at businesses of all shapes and sizes and is designed to assist those charged with carrying out a bribery risk assessment to follow a relatively simple, structured process. While it provides a basic theoretical framework for risk assessment, the focus is very much on how to implement in the workplace with the support of a firm’s board or leadership.


Ranjit Auluk


No sector, business, or individual can ever really say they are completely risk free of bribery – and there isn’t really a one-size-fits- all battle plan to adopt. Rather, businesses should seek to establish principles by which a good risk assessment might be conducted and provide pragmatic suggestions as to how to achieve this in practice. An example of this is the emphasis on a qualitative rather than quantitative approach to measuring and prioritising different kinds of bribery risk, focusing less on trying to attribute numerical values to the likelihood or impact of a particular bribery risk area and more on the wider implications of bribery as a risk.


Support for small businesses to tackle record levels of cyber attacks


Additional research published jointly by PwC and the Department for Business, Innovation and Skills (BIS) cites that more small businesses than ever are facing the threat of losing confidential information through cyber-attacks.


The 2013 Information Security Breaches Survey has shown that 87% of small businesses across all sectors experienced a breach in the past year. This is up more than 10% and cost small businesses up to 6% of their turnover, when they could protect themselves for far less.


www.businessmag.co.uk THE BUSINESS MAGAZINE – SOLENT & SOUTH CENTRAL – SEPTEMBER 2013 The survey also showed that:


• Large organisations are also still at high risk with 93% reporting breaches in the past year


• The average cost of the worst security breach for small organisations was £35,000 to £65,000 and for large organisations it was between £450,000 and £850,000. The vast majority of these were through cyber- attacks by an unauthorised outsider


• Several individual breaches cost more than £1 million


• 12% of the worst security breaches were partly caused by senior management giving insufficient priority to security.


UK businesses face more advanced threats than ever before from unauthorised outsiders. The business world has changed and companies of all sizes, in all countries and across industries, are now routinely sharing information across business borders, whether it’s with business partners or employees’ personal devices. Cyber security is critical. It is no longer only an IT challenge; business leaders need to make sure they are protecting what is most critical to their organisation’s growth and reputation.


Organisations also need to make sure that the way they are spending their money in the control of cyber threats is effective. Spending on cyber control as a percentage of an organisation’s IT budget is up this year from an average of 8% to 10%, but the number of breaches and their impact is up as well so it is clear that there is work to be done in measuring the effectiveness of the security spend.


The guide can be downloaded from: www.transparency.org.uk/briberyrisk


The survey can be downloaded from: www.gov.uk/government/publications/ information-security-breaches-survey-2013- technical-report


Details: Ranjit Auluk 07803-853419 ranjit.auluk@uk.pwc.com www.pwc.co.uk/southeast


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40