The PRI (Perceived Risk Indicator) is a grading system that ethiXbase provides to measure the potential risk of an entity. It’s in essence a rating to help our clients decision making in their due diligence environment.
For example, if a third party is located in say, Sudan, then its PRI rating would be higher compared to say, Singapore. This doesn’t mean that a High Risk PRI entity is automatically involved in criminal issues or vice versa with a Low Risk PRI. It merely means that we would recommend more due diligence work to be done if an entity returns a High Risk PRI.
An example of a PRI risk rating may be based on three factors, each with its weightage:
- The third party’s industry (25%)
- Its location (25%)
- Its public risk profile (50%)
Based on these criteria, we will then calculate and indicate a percentage score to denote the potential risk of each third party. Each percentage score will divide into a few risk rating. Example of Low Risk (< 40%), Moderate Risk (40% - 70%) and High Risk (70% and above).
We do recognize that each client industry is different and the risk appetites can vary significantly, so if you wish to modify the PRI factors to give you a grading that is more suited to your company, that can be discussed as well. Some of the more common modifications are adding/removing factors and changing the weightage.
Ultimately, the PRI should not be treated as a stand-alone risk assessment tool and should be used in combination with your companies risk assessment, procedures, and policies.
Comments
0 comments
Please sign in to leave a comment.