Compliance, Risk & Audit

Compliance, Risk Management and Auditing are the main control activities that can be implemented in a company and are also functions in company organization.

Sernet’s LOB named Compliance, Risk & Audit fulfils projects of regulatory compliance with an organizational impact, risk assessment and conducting audits in all the main corporate areas. Sernet can also take charge of conducting these control functions through outsourced management.

Main Activies

Sernet implement organizational models in compliance with Italian Legislative Decree 231/01 with an own approach, respectful of company operations and with the involvement of managers in working out protocols in loud consistency with the characteristics and risk profile of the company.

Sernet consultants accept assignments in Supervisory Bodies (Organismi di Vigilanza) with the task of monitoring the application and effectiveness of the organizational models in force.

Within the sphere of companies with control or public participation, Sernet’s consultants set three-year plans for the prevention of corruption and they hold positions of Independent Evaluation Body.

Sernet carries out auditing assignments at customers or remotely on the basis of the data rooms made available and using its own checklists. The areas of verification are the most varied and refer to the skills present in Sernet (for example: checks on compliance with public and internal regulations, adequacy of the existing risk mitigation measures). The results of the auditing activities are reported in accurate and detailed reports and are aimed at gap analysis, adjustment plans or improvement plans.

As for risk management, Sernet suggests risk management projects with reference to norms and standards with international spread (ERM, ISO 31000: 2018).

In identifying and quantifying risks, Sernet involves managers for their knowledge of the context and the company dynamics in order to implement assessments of risks with the use of consolidated Control Risk Self Assessment approaches.

To deal with critical emergencies for business continuity, Sernet designs and assists its customers in implementing Crisis Management Plans aimed at reducing the risk of management errors originating from unpredictability and unpreparedness for crises. During the project, Sernet shares the criteria for identifying the most suitable managers to deal the crisis, provides approaches to assess the economic and organizational impacts of the emergency and to plan, manage and resolve the crisis exit and, in the end, set up the restart.

Main Activies

Sernet implement organizational models in compliance with Italian Legislative Decree 231/01 with an own approach, respectful of company operations and with the involvement of managers in working out protocols in loud consistency with the characteristics and risk profile of the company.

Sernet consultants accept assignments in Supervisory Bodies (Organismi di Vigilanza) with the task of monitoring the application and effectiveness of the organizational models in force.

Within the sphere of companies with control or public participation, Sernet’s consultants set three-year plans for the prevention of corruption and they hold positions of Independent Evaluation Body.

Sernet carries out auditing assignments at customers or remotely on the basis of the data rooms made available and using its own checklists. The areas of verification are the most varied and refer to the skills present in Sernet (for example: checks on compliance with public and internal regulations, adequacy of the existing risk mitigation measures). The results of the auditing activities are reported in accurate and detailed reports and are aimed at gap analysis, adjustment plans or improvement plans.

As for risk management, Sernet suggests risk management projects with reference to norms and standards with international spread (ERM, ISO 31000: 2018).

In identifying and quantifying risks, Sernet involves managers for their knowledge of the context and the company dynamics in order to implement assessments of risks with the use of consolidated Control Risk Self Assessment approaches.

To deal with critical emergencies for business continuity, Sernet designs and assists its customers in implementing Crisis Management Plans aimed at reducing the risk of management errors originating from unpredictability and unpreparedness for crises. During the project, Sernet shares the criteria for identifying the most suitable managers to deal the crisis, provides approaches to assess the economic and organizational impacts of the emergency and to plan, manage and resolve the crisis exit and, in the end, set up the restart.

Skills

Sernet can rely internally on consolidated skills in corporate compliance (GDPR, workplace safety, environmental legislation, administrative liability of entities, anti-corruption legislation). Sernet consultants have obtained certifications and accreditations that guarantee the competence to carry out checks and verifications in different regulatory contexts.

With reference to risk management, Sernet consultants have achieved international qualifications with IIA (Institute of Internal Auditors): CCSA – Certification in Control Self-Assessment and CRMA – Certification in Risk Management Assurance.