Meycor COSO,a Comprehensive

Solution for Enterprise Risk

Management (ERM)

COSO I COSO II

MEYCOR COSO AG - A Comprehensive Solution

Meycor COSO AG

Assessment Module

Audit Module

MEYCOR COSO AG

Meycor COSO AG includes several activities to be assigned to the parties involved in the Risk Management process and a

methodology project to provide a step-by-step guide.

MEYCOR COSO AG

Fully customizable to meet the organization's needs and corporate culture.

The Organization

Easily define the organizational structure and its related processes,

managing web communications.

Fully understand your organization's attitude towards risk and how the entity's personnel handles and reacts to risks.

Using a fully customizable self-assessment you can get a quick diagnosis of how the current Risk Environment and Controls are perceived.You can quickly identify the items that need to be addressed in order to focus resources.

Enterprise Risk Management ensures that Senior Management has a process in place to establish objectives and that the objectives thus selected contribute to the entity's mission.

You can define several Objectives for each process, classifying and assigning themimportance ratings.

Strategic objectives can be traced to the highest organizational level.

You can even define a different risk threshold for each objective.

Internal and external events that affect the entity's objectives must be identified and classified as Risks or Opportunities.

Events are identifiedwith the collaboration

of all the areas involved.

Meycor COSO AG includes a sample event database for common processes.

Risks are analyzed considering their likelihood and impact in order to determine how they should be managed.

You can estimate their likelihood of occurrence

and consequences.

It is also possible to perform a quantitative loss analysis by

identifying the value of the affected assets.

An exposure index is set and compared against the

acceptable level set by the organization.

Senior Management selects the possible answers (avoid, accept, minimize or share), developing actions to align the risks with the maximum acceptable risk and the entity's tolerance to risks.

You can simulate several treatment options

It is also possible to review risks that combined could seriously compromise

the achievement of the objectives.

Policies and procedures are set and executed to ensure that the risk response is performed effectively.

You can specify mitigation control activities for each risk and assess their effectiveness(being even possible to audit them later on).

If the processes' activities are analyzed, the control activities can be linked directly

to risks.

All relevant information is identified, captured and communicated timely and accurately in order to enable the staff to take on full accountability. An effective communication needs feasible channels throughout the entity.

Risk Maps and Reports are published in such way that each area must take

responsibility for their risks.

CurrentAccounts

MortgagesBanking Credit

Cards

General Map w/ControlsEach area is accountable

for their own risks

Using the web module you can access all thedocuments and check whether they were

read, understood and agreed on.

You can generate reports in RTF, HTML and XLS formats

as well as several chartsincluding specific information.

Enterprise Risk Management is thus entirely monitored, being possible to make timely changes when appropriate. This monitoring can be easily performed either through Senior Management activities or independent assessments.

The Audit team can access the risk information

in a read-only format in order to define

the Audit Projects.

The Audit Moduleallows you to

use Audit Guidelinesto perform the review

process and to report findings.

With Meycor COSO AG you can define and manage Action Plans

to improve controls.

Registration

Transfers

Collection

Withdrawals

Customer Service

Risk UnitIT

Legal

Generate the control documents necessary to report to Senior Management, to the Operational Risk Committee, and to any areas involved.

OS for Operational Risk

Management

Record Loss EventsMeycor KP – Event Module

Measure/Assess

SR

KRI

Meycor Delphos

Different areas can report loss events

to identify possible changes to the

risk assessment.

You can define KRI(Key Risk Indicators)

that can be populated automatically from the

Events Module.

For further information:

• Request a free assessment of your organization's Risk Management Maturity Level to datasec@datasec-soft.com