A Saudi financial institution embarked on a systematic transformation after an internal review revealed clear gaps in its risk management framework. Risk assessment processes were fragmented across departments with no unified methodology.
Diagnostic Phase
CoreSys conducted a comprehensive risk management maturity assessment using the COSO ERM framework, revealing that the institution was at Level 2 (Reactive) out of five levels.
Improvement Roadmap
Over 18 months, CoreSys implemented an integrated roadmap that included unifying the risk assessment methodology, building an enterprise risk register, training over 60 employees across departments, and linking risk management to strategic planning.
Results
The institution advanced to Level 4 (Managed) within the set timeframe and received a compliance certificate from the Capital Market Authority following a successful review.