Definition of RCM and RCSA
RCM stands for Risk and Control Matrix. To understand risk and control concepts, we first need to understand the terms commonly used in assessing them, which this section explains.
RCSA stands for Risk & Control Self-Assessment. When a test step is tagged to each of the controls and the management function performs that test, the exercise is known as a Risk and Control Self-Assessment.
This is the basic platform on which an ORM framework is built. It has these critical constituents: Risk, Control, Risk grading, Control Owner.