VERY IMPORTATNT: THIS ASSIGNEMNT IS IN 2 PARTS BECAUSE OF THE LENGTH OF THE PROJECT. SO, TO COMPLETE THE ASSIGNMENT FOR MODULE 5 I WILL SPLIT IT IN 2 PARTS. SO PLEASE CHECK FOR 2 POSTS FOR THIS MODULE.

I WILL MAKE THE FIRST POST COMPLIANCE MANAGEMENT: MODULE 5 (Assignment) PART 1 AND THE SECOND POST COMPLIANCE MANAGEMENT: MODULE 5 (Assignment) PART 2

COMPLIANCE MANAGEMENT: MODULE 5 (Assignment) PART 1

Module 5 requires you to submit Part 1 of the three-part ongoing project for this course. In this submission, you will apply all of the skills you have learnt related to identifying risks to create a risk matrix for a compliance risk management plan.

This spreadsheet provides you with a format for the compliance risk management plan, which you can either create for your own organisation, or you may use the fictional case study provided on the Online Campus. Remember to only use the fictional case study provided if you have chosen not to use your own organisation (or another organisation you are familiar with).

CASE STUDY

Case study: Lightning Communications and GS Bank initiative

Lightning Communications is a large telecommunications service provider listed on the Johannesburg Stock Exchange. It has many stakeholders across South Africa and caters for both private and corporate services. The total client base consists of approximately 40 million customers, the bulk of which are private persons.

The board and executive committee of Lightning Communications have recently engaged in discussions with one of the large retail banks in the country, GS Bank. GS Bank also has a large client and stakeholder base across the country. GS Bank is one of the Southern African Development Community (SADC) regions largest retail banks, and one of the largest three in South Africa. It has a total client base of approximately 16.5 million clients, with 28 million cards in issue (including debit, credit, and petrol cards).

Discussions between the two organisations have focused on the alignment of several mutual interests. There are three critical points of alignment that the GS Bank executive committee has proposed to implement operationally within the next 12 to 18 months:

Lightning Communications will provide location tracking and GPS data of private persons to GS Bank. The idea is that by using this data set, GS Bank can better track the movement of its customers to offer them a better, more personalised service linked with their accounts. This would include retail specials and petrol discounts at specific filling stations, among other incentives.

GS Bank can use this same data for know your customer purposes. The argument is that the GPS and location data provide a far more accurate, real-time picture of the actual place of residence of their clients.

Lightning Communications can incorporate a secure payment method for accounts and a scan-to-pay function through its app. Both functions would rely on a pay-gate service using the GS Bank's current

Note:

Check that you have populated the columns up until, and including, Column G for at least 12 rows. Do not fill in the blue section called Compliance monitoring plan yet (Columns L to T).

For this part of the ongoing project, you do not need to look at the Control environment and Control design details tabs (Columns H to K of the Compliance risk management plan tab). You also are not yet required to use the Control design considerations tab, as you will only need these sections for the Module 6 submission and the Monitoring rationale tab as you will only need this section for the Module 7 submission.

4. Rubric

	Unsatisfactory	Limited	Accomplished	Very good	Exceptional
Identifying legislation The answer provides at least 12 legislative extracts relevant to the context of the organisation.	No submission. OR The acts that are provided are not relevant to the context of the organisation.	The answer identifies fewer than 12 extracts; however, they are not entirely suitable for the context of the organisation. (2)	The answer identifies 12 extracts, and they are mostly suitable for the context of the organisation. (3)	The answer identifies 12 extracts, which are suited to the context of the organisation. (4)	The answer identifies 12 extracts, which suit the context of the organisation exceptionally well. (5)
Completing the required components of the compliance risk management plan All cells in the template required for this submission are complete with the appropriate level of detail.	No submission. OR Not all of the required cells are complete.	The required sections of the template are complete; however, there is limited detail that poorly describes the reasoning behind the risk ratings chosen. (2)	The required sections of the template are complete with enough detail to mostly describe the reasoning behind the risk ratings chosen. (3)	The required sections of the template are complete with a good level of detail that describes the reasoning behind the risk ratings chosen. (4)	The required sections of the template are complete with thorough and insightful detail that excellently describes the reasoning behind the risk ratings chosen. (5)
Creating a risk matrix The answer provides a risk matrix designed using the risk drivers identified and the risk rating scales in the template.	No submission. OR The answer provides a risk matrix that was not designed using the risk drivers identified or the risk rating scales in the template. (0)	The answer provides a poorly designed risk matrix using the risk drivers identified and shows limited representation of the risk rating scales in the template. (2)	The answer provides a risk matrix designed using the risk drivers identified and shows an adequate representation of the risk rating scales in the template. (3)	The answer provides a well-designed risk matrix using the risk drivers identified and shows a good representation of the risk rating scales in the template. (4)	The answer provides a very well-designed risk matrix using the risk drivers identified and shows an excellent representation of the risk rating scales in the template. (5)
Coherence, clarity, and adherence to brief The answers are clearly and logically structured and written in a way that is comprehensible. All word limits are adhered to.	No submission. OR The answers lack clarity, are incoherent, or are incomprehensible.	The answers show limited coherence and clarity. The writing is comprehensible but lacks logical structure.	The answers are written clearly and coherently. The writing is logically structured, but there is room for improvement.	The answers are clearly structured and written with good clarity and coherence. (4)	The answers are clearly structured and written with great clarity and coherence. (5)