Within our RCSA blog series, our goal is to provide insightful tips to support organisations in their RCSA journey. In the third and final instalment, we summarise key considerations for enhancing RCSAs by optimising essential culture and people capabilities.
This blog is part of a three part series. Read the first of the series, Top tips for effective and dynamic RCSA: Process, and the second Top tips for effective and dynamic RCSA: Technology.
Culture and people
1. Encourage the first line of defence (1LoD) to have greater ownership over the RCSA process to increase buy-in
The first line can play a key role in enhancing the effectiveness of RCSAs, as they possess:- High familiarity and knowledge of the risks
- Access to good quality data
- Potential access to funding for automation
2. Improve clarity of roles and responsibilities across the risk function, specifically delineating the 1LoD and 2LoD roles
Members have experienced benefits by better clarifying these roles. To enable the 1LoD team to prioritise other aspects of the RCSA process, the 2LoD can support the 1LoD in the following ways:
3. Involve a wider cohort to access the wisdom of crowds
Explore ideas to increase the value of RCSA exercises by involving a wider group of people and gaining insights via a bottom-up view. One such option proposed during our podcast was to send out a short monthly survey to Process Owners, asking what their top risks were and their view of their controls’ effectiveness, directed at the same purpose of fulfilling RCSA requirements.
4. Rebrand and reposition the exercise
In light of some members reporting negative cultural connotations with RCSAs within their firms, changing the exercise’s name and restructuring the logistical format of the RCSA could boost engagement and improve cultural association.
Related resources
For more details and a full panel discussion on this topic, listen to our podcast: Top tips for making your RCSAs more effective and dynamic (process, technology, and people).
Resources for ORX members
- Read our short report on Three key areas to improve your RCSAs published earlier this year. This includes further details on how aligning RCSAs and business strategy can unlock additional value
- Read our blog, Enhancing RCSAs – A guide to three key areas, related to the report above
- Read our blog on the Top discussion points from our recent regional forums, which took place over Q1 2024
- Read the RCSA Practice Benchmark
- Discover more from our Risk Management Working Group and Community For summary notes of the RCSA-focused discussions, see the RMWG webpage
