The Link Between Risk Management, Critical Controls and Auditing

By ,


Once companies have covered off base line regulatory compliance, they must embark on a journey to reach operational excellence. Leading companies utilize their risk management business process to identify their biggest risks and associated critical controls, and then implement various assurance processes such as audits and assessments to assure the efficacy of these controls.

In the presentation below, Nimonik Partner John Wolfe, shares some of the lessons learned about business processes in these areas. This presentation covers items he has identified while working with a large number of successful companies around the world.

He outlines the value of an ISO conforming integrated HSEQ (Health, Safety, Environment and Quality) management system framework and provides a high level look at three elements in particular :

  • The framework element dealing with legal and other commitments;
  • The element dealing with risk identification and management; and
  • The element dealing with audit and assessment.

Special emphasis is placed on looking at the interaction between these elements, especially in the identification of high consequence regulations, level 1 risks and critical controls as inputs to a risk based auditing program.

You can learn more about the link between risk identification, assessment, critical controls and auditing, in this free presentation and slides.

For more information on this presentation, on risk management or on other issues, simply reach out to us at

Nimonik Expert EHS Webinar Series: The Link Between Risk Management, Critical Controls and Auditing from Jonathan Brun on Vimeo.