I found myself wandering around Seoul today. I stumbled upon a backstreet of Itaewon filled with European restaurants, new coffee shops, boutiques with coffee shops, boutiques with restaurants and even a boutique that would take care of your dog while you shopped. One coffee shop had a French bakery inside and another coffee shop was inside a French bakery. In Seoul? I would not have known it had I not gone off the beaten path. In fact I recently discovered the remnants of a wall that once belonged to an ancient fortress near my apartment. When you deliberately leave the comforts of your regular haunts you find yourself discovering new places and even old ones you didn’t know still existed. Likewise, unless you go off the beaten path, when reviewing your company’s processes and procedures you might not discover the new and maybe old problems and issues your company faces. You have to explore.
A legal risk management audit is a way of exploring all of the weaknesses your company has when confronted with outdated policies and processes. You will discover gaps in your compliance processes you never thought existed. Perhaps divisions which you thought had no or little legal risk are far more exposed to risk than you once thought. What level of risk does your Board of Directors find acceptable? What are your company guidelines concerning environmental or child labor laws and are the guidelines being followed? What about your vendors and suppliers? Does your company have a code of ethics that the suppliers are supposed to follow?
A legal risk audit can not only identify potential areas of risk but can identify specific areas that must be addressed internally and externally. However, to properly perform a risk audit you must not only re-examine familiar places but investigate unfamiliar ones as well. You must go off the beaten path. How?
An audit must not only target the major divisions in your organization but should also encompass those departments that are not deemed essential to the company. Maybe looking at the processes of a cost center instead of a profit center will result in discoveries you never thought possible. Sometimes you need an unbiased third party to conduct internal interviews for you even if you always conducted an internal investigation yourself. Maybe an outside third party can provide you with risk metrics or data that you never thought existed. A third party maybe able to conduct an investigation for you that you feel too uncomfortable to perform. Going off the beaten path may entail not only looking at different departments using an outside risk management consultant to look at things differently. To go off the beaten path may entail using an outside consultant to ask different questions while using different risk management tools to identify and quantify the risk not so visible from the inside.
There are many third party consultants to use when conducting risk assessments or audits. One such company is Erudite Risk. Erudite Risk provides services from due diligence, IP protection, business continuity and competitive intelligence. You may find out more about Erudite Risk at its website-