Docstoc

GRC Risk Manager validation

Document Sample
GRC Risk Manager validation Powered By Docstoc
					GRC Risk Manager validation
Thank you for participating in our study. Please fill out all the
questions to the best of your abilities. The information that you share
with us will be kept confidential.


1) What is the industry to which your company/organization belongs?


            Aerospace and Defense
            Communications
            Education & Research
            Engineering & Construction
            High-Tech
            Industrial Manufacturing
            Life Sciences – Medical Devices
            Professional Services
            Public Sector
            Other (please specify)

         If you selected other please specify:
         ______________________________________________________________________

2) What is your organization type?


            Public Company
            Privately Held
            Non-Profit
            Government Agency
            Partnership
            Sole Proprietorship
            Educational Institution
            Other (please specify)

         If you selected other please specify:
         ______________________________________________________________________

3) What is your organization size?


            200 or less employees
            201-500 employees
            501-1000 employees
            1001-5000 employees
            5001-10000 employees
            10001 or more employees

4) What is your job title?
             Risk Manager
             Senior Risk Manager
             Manager of Risk Management
             Other (please specify)

          If you selected other please specify:
          ______________________________________________________________________

5) What are your responsibilities at work? Please check all that apply.


             Act as the key point of contact for all high risk situations that arise across related
business segments
             Analyze the historical loss and risk incidents in order to lead these process
improvement efforts to ensure proper controls are implemented
             Responsible for audits and related management comments
             Monitor audit activity and ensure related business segments are properly prepared
for client auditors, external auditors and internal audit groups
             Ensure audit recommendations are communicated to business units, documented in
the procedures, available to associates and periodically reviewed to ensure they are being
practiced
             Evaluate targeted risk processes and find and take corrective action when necessary
             Train business units with regard to relevant legal issues, contract negotiations and
implementations
             Ensure that strategies and business decisions are made with adequate knowledge of
any involved legal issues
             Other (please specify)

          If you selected other please specify:
          ______________________________________________________________________

6) What is your level of expertise in terms of assessing new risk?


             Novice - "I know basic concepts in the domain, but need support/supervision when
working on core functions."
             Intermediate - "I know basic concepts and more; I work independently in the area
of core functions."
             Advanced - "I have a thorough knowledge of all relevant concepts and work
independently on functions related to them; I can train people who are new to this domain."
             Expert - "I can make recommendations about how a company should implement a
particular functional area (including how it might need to be customized for particular business
scenarios)."
             Not Applicable

7) What is your level of expertise in terms of developing strategies in the
management of risk?


            Novice - "I know basic concepts in the domain, but need support/supervision when
working on core functions."
            Intermediate - "I know basic concepts and more; I work independently in the area
of core functions."
             Advanced - "I have a thorough knowledge of all relevant concepts and work
independently on functions related to them; I can train people who are new to this domain."
             Expert - "I can make recommendations about how a company should implement a
particular functional area (including how it might need to be customized for particular business
scenarios)."
             Not Applicable

8) What is your level of expertise in terms of taking corrective measures for a risk
process?


             Novice - "I know basic concepts in the domain, but need support/supervision when
working on core functions."
             Intermediate - "I know basic concepts and more; I work independently in the area
of core functions."
             Advanced - "I have a thorough knowledge of all relevant concepts and work
independently on functions related to them; I can train people who are new to this domain."
             Expert - "I can make recommendations about how a company should implement a
particular functional area (including how it might need to be customized for particular business
scenarios)."
             Not Applicable

9) What is your level of expertise in terms of performing audit tests related to risk
managment?


             Novice - "I know basic concepts in the domain, but need support/supervision when
working on core functions."
             Intermediate - "I know basic concepts and more; I work independently in the area
of core functions."
             Advanced - "I have a thorough knowledge of all relevant concepts and work
independently on functions related to them; I can train people who are new to this domain."
             Expert - "I can make recommendations about how a company should implement a
particular functional area (including how it might need to be customized for particular business
scenarios)."
             Not Applicable

10) How many years did it take you to attain your current position?


             3   years or less
             4   years
             5   years
             6   years
             7   years or more

11) How long have you held your current position?


             3   years or less
             4   years
             5   years
             6   years
          7 years or more

12) What is the highest level of education that you finished?


            Some high school
            High school diploma
            Associate degree
            Bachelor's degree
            Master's degree
            Doctoral degree
            Other (please specify)

         If you selected other please specify:
         ______________________________________________________________________

13) Is your highest degree in a related field (mathematics, economics, statistics,
computer science, econometrics, accounting/auditing, etc.)?

          Yes, my highest degree is in a related field
          No, my highest degree is not in related field
          Other (please specify)

         If you selected other please specify:
         ______________________________________________________________________

14) What are your specialties? Please select all that apply.


            Structured Transactions & ERM
            Financial Operations
            Environmental Health & Safety
            Bank Compliance
            Remediations
            Energy Risk
            Technology & Security
            Risk Strategy
            Operational Risk
            Other (please specify)

         If you selected other please specify:
         ______________________________________________________________________

15) Do you use any GRC (governance, risk, and compliance) software applications?


          Yes
          No

16) How often do you use any GRC (governance, risk, and compliance) software
applications?
            Rarely - fewer than once a month
            Occasionally - one to three times a month
            Regularlly - at least once a week
            Frequently - one or more times a day

17) On average, how much time do you spend with GRC software each time you use
it?


            Less than 1 hour
            1 to 2 hours
            3 to 4 hours
            5 or more hours

18) What types of training did you receive before using the software? Please check
all that apply.


            Classroom training
            On the job training
            Online help and documentation
            Online interactive tutorial
            No training
            Other (please specify)

         If you selected other please specify:
         ______________________________________________________________________

19) To what extent do you agree with the following statement: "I use GRC software
to review new and existing risk aspects for audit purposes."


            Disagree
            Somewhat disagree
            Neither disagree nor agree
            Somewhat agree
            Agree

20) To what extent do you agree with the following statement: "I use GRC software
to conduct risk assessments"


            Disagree
            Somewhat disagree
            Neither disagree nor agree
            Somewhat agree
            Agree

21) What is your level of general computer expertise?


          "I don’t use computers."
          Novice - "I can view and send e-mail and navigate the Web."
            Intermediate - "I use main features of office software with comfort and may use
some specialized tools."
            Advanced - "I am an Excel power user or a Web developer, and I use advanced
features of specialized tools."
            Expert - "I am a software developer, a DBA, or an IT professional."

22) Do you use Microsoft Excel to manage regulations?


           Yes
           No

23) How often do you use Excel to manage regulations?


             Rarely - once a month or less
             Occasionally - 2-3 times a month
             Regularlly - at least once a week
             Frequently - one or more times a day

24) How satisfied are you with using Excel to manage regulations?


             Very dissatisfied
             Dissatisfied
             Satisfied
             Very satisfied

25) Do you use a content management application to manage regulations?


           Yes
           No

26) How often do you use the content management application to manage
regulations?


             Rarely - once a month or less
             Occasionally - 2-3 times a month
             Regularly - at least once a week
             Frequently - one or more times a day

27) How satisfied are you with using the content management application to
manage regulations?


             Very dissatisfied
             Dissatisfied
             Satisfied
             Very satisfied

28) What is the name of the content management application?
         ____________________________________________________________

29) What is the percentage of time that you update regulations remotely?

            Never
            10% or less
            11% - 24%
            25% or greater

30) What is the percentage of time that you access and review RSS feeds remotely?

            Never
            10% or less
            11% - 24%
            25% or greater

We appreciate your help with our study. The information you share
with us will enable us to design our product to better meet the needs
of someone like you.

				
DOCUMENT INFO