Calculating inherent risk

Scenario

You have assessed the inherent risk associated with a SOX Compliance risk for your company as follows:

Strategy Map

There are 9 operating segments in your Strategy Map: Canada, Italy, India, Japan, Thailand, China, Brazil, United Kingdom, and United States of America.

Risk scoring framework

You assess inherent risk using the following risk scoring framework:

Risk Scoring Factor	Weight	Severity Scale
Likelihood	100%	3 point scale (1 = Low, 2 = Medium, 3 = High)
Impact	100%	3 point scale (1 = Low, 2 = Medium, 3 = High)
Velocity	70%	3 point scale (1 = Low, 2 = Medium, 3 = High)
Vulnerability	60%	3 point scale (1 = Low, 2 = Medium, 3 = High)

Inherent Risk Score and Inherent Risk calculations

All calculations are rounded to the nearest tenth.

• Canada (1 x 100%) x (3 x 100%) x (2 x 70%) x (3 x 60%) = 7.6
• Italy (2 x 100%) x (2 x 100%) x (2 x 70%) x (1 x 60%) = 3.4
• Japan (3 x 100%) x (3 x 100%) x (2 x 70%) x (1 x 60%) = 7.6
• China (2 x 100%) x (2 x 100%) x (3 x 70%) x (3 x 60%) = 15.1
• Thailand (3 x 100%) x (3 x 100%) x (1 x 70%) x (2 x 60%) = 7.6
• United States of America (1 x 100%) x (1 x 100%) x (1 x 70%) x (3 x 60%) = 1.3

7.6 + 3.4 + 7.6 + 15.1 + 7.6 + 1.3 = 42.6 (Inherent Risk)

Inherent Heat calculation

• The total possible Inherent Risk Score for a single operating segment is 34.02 ((3 x 100%) x (3 x 100%) x (3 x 70%) x (3 x 60%)).
• The total possible Inherent Risk Score across all operating segments is 306.18 (34.02 x 9).

Inherent Risk (42.6) / total possible Inherent Risk Score (306.18) = Inherent Risk Heat (13.9%).

Values displayed in the risk tile

Within Risk Profile, the Inherent Risk and Inherent Risk Heat values display to left of each risk tile.

• The top number represents the Inherent Risk across all operating segments associated with the risk.
• The bottom number represents the Inherent Risk Heat.