Introducing Risk Management System 2.0

VinciWorks has released version 2 of the Risk Management System. The new system features:

All new, modern design
Interactive dashboard
New graphical reports
Instant editing
And many more technical improvements

Overview of new features

Why a Risk Management System?

The SRA Handbook and Lexcel v6 clearly require that law firms have effective systems in place to properly manage risk. Using the VinciWorks Risk Management System will enable firms to satisfy legal requirements, easily generate reports, track risks, implement a control plan, and receive alerts when things are amiss.

SRA requirements

Principle 8: Run your business or carry out your role in the business effectively and in accordance with proper governance and sound financial and risk management principles.

Outcome 7.3: You identify, monitor and manage risks to compliance with all the Principles, rules and outcomes and other requirements of the Handbook, if applicable to you, and take steps to address issues identified.

Indicative behaviour 7.3: Identifying and monitoring financial, operational and business continuity risks including complaints, credit risks and exposure, claims under legislation relating to matters such as data protection, IT failures and abuses, and damage to offices may tend to show that you have achieved these outcomes and therefore complied with the Principles.

Lexcel requirements

Requirement 5.1: Practices must have a risk management policy, which must include:

a. a compliance plan
b. a risk register
c. defined risk management roles and responsibilities
d. arrangements for communicating risk information

Requirement 5.16: Practices will analyse at least annually all risk assessment data generated within the practice. This must include:

d. any matters notified to the COLP and/or COFA
e. any material breaches notified to the SRA
f. any non-material breaches recorded
g. situations where the practice acted where a conflict existed

Requirement 5.12: Operational risk must be considered and recorded in all matters before, during and after the processing of instructions.

Learn more about the RMS

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”