Established risk assessment programs

"Mary is a tremendous thought leader and partner in support of risk assessment strategy and overall design & execution."

Aaron Lee, Executive Director, Compliance, Amgen

Challenge

Resources are finite, and compliance officers need to allocate them effectively. The government expects this, with DOJ Guidance instructing prosecutors to assess whether companies “devote a disproportionate amount of time to policing low-risk areas instead of high-risk areas.” OIG corporate integrity agreements (CIAs) frequently require companies to establish formal risk assessment programs.

Solutions

I have led program-wide risk assessment efforts, where I:

Surveyed the organization to understand key business activities and gather institutional knowledge about known risks
Designed and operationalized a program to focus on product-specific risk
Drew on engineering knowhow to develop effective collaboration among cross-functional leaders including IT, data scientists and business leaders
Leveraged deep healthcare law and compliance expertise to identify meaningful indicators and help stakeholders develop actionable mitigation plans for identified risks
Led IRO discussion and annual reporting under CIA
Critically evaluated results and drove ongoing improvements
Tailored a broader global program to align with requirements of a new CIA

Results

By establishing effective risk assessment programs, my team and I helped the organization meet the needs of two government CIAs.

More importantly, we improved compliance leaders’ line of sight into operations, and provided them with tools to prioritize and manage their most significant risks.

NEXT: Navigated through key government investigations