What we do

Solutions Orientated Risk Management

We support credit unions by

  • Providing and managing the foundation stones required for back office operations and management through our CU focused SORM system
  • Providing consultation and support to CUs

What is the SORM system:

SORM is a SharePoint platform that is designed to reflect the requirements of credit unions in an environment increasingly focused on compliance and risk management. It provides credit unions with tools that support the back-office.

At our core is our Risk Management Framework which comprises risk focused assessments and controls linked to a CU focused risk register and risk scenario planning and management. This backbone allows the CU and us to focus on the practices required to address the gaps highlighted by Risk, Compliance and Internal Audit.

SORM doesn’t identify risks for credit unions we focus on the solutions needed to mitigate these risks, we deliver the processes required to manage the gaps so your CU can focus on what is important – managing the relationship with the member

 

Solutions that meet your CU’s specific needs.

No need to start from a blank page – we provide the framework and work with you to customise it to your needs

Outsourcing Management

Trying to manage all your 3rd Party suppliers? We can help

 

Data Management

Looking to protect & manage your data? We have it covered

Policies and Procedures

Easily managed with audit trails and compliance checks

Business Continuity

Tailored plans for managing continued operations

Information Security

Be assured that your network and systems are safe & secure

Solutions

We don’t just look at the problem we focus on the solution. Our solutions link together so while you are addressing today’s challenges we are preparing for tomorrow’s

We build integrated solutions that make it easier to address multiple challenges without having to go back to the drawing board each time

Example: Mapping business processes is key to GDPR compliance, how do you know what data you are responsible for unless you know what you do and what data is created and used at different stages of your processes? We have mapped CU processes and our “Data Management” clients use these to aid their GDPR compliance programme.

Going further we use the work already done to build further solutions using these process maps

  • Business Impact Analysis for Disaster Recovery and Business Continuity Planning
  • Policy and Procedures for compliance and training
  • Oversight of 3rd parties and management of the outsourcing process
  • Business Process Management – where can the credit union improve, potential of shared services and economies of scale

Outsourcing Management:

Our process builds on the requirements of Section 76J of the Credit Union Act and the Thematic Review of Outsourcing in Credit Unions to put in place a structure that allows the CU to monitor and manage the 3rd parties that are engaged. We link your critical activities to the register of third parties, manage the required documentation (Contracts, Service Level Agreements, Non-Disclosure Agreements and supporting Due Diligence) while allowing the activity owners to monitor adherence to service levels. This process is linked to Data Management through the Privacy Impact Assessments and Business Continuity through the activities outsourced

Data Management:

Our process takes the requirements outlined under the General Data Protection Regulations (GDPR) and manages the CU’s needs through Process Maps identifying data records, Information Asset Register that show how data is managed, Protocols for Data Protection, Records Management, Information Security and Data Sharing. We customise our process templates to reflect your CU’s practices and use these to allow clear oversight of the process for your Data Protection Officer. The process can be linked to your Policy and Procedures registers, Outsourcing Process and Information Security

Business Continuity

Our process uses the guidance set out in the CU handbook and other best practices to develop, monitor and mange the BCP requirements of the CU. Using your mapped processes (or ours customised for your CU) we support the Business Impact Analysis (BIA) structure to create the foundation of a strong business continuity plan. The BIA shows how systems interconnect, affect your everyday activities and what needs to be done to bring operations back online. We can document your plan and put in place the step by step process required to create a workable BCP. The process can be linked to Procedures, Outsourcing and Information Security as well as scenario planning to manage risk