ABSTRACT
A risk-based approach is a methodology for assessing business and financial risks, and scoring them using selected criteria in order to prioritise treatment and support effective decision making. Many fraud arid revenue assurance teams find it very difficult to demonstrate their return on investment to the business and they therefore struggle to justify head counts and spending on fraud and RA control technologies. There are three types of risk factor that are normally considered: subjective risk factors, objective or historical risk factors, and calculated risk factors. The task of defining the RA and Fraud Risk control plans should follow a systematic process to ensure that all fundamental business aspects and IT-service support activities are understood and considered. A risk-based approach dictates that the allocation of resources to deal with manifest or anticipated risks should be done on the basis of a holistic assessment of risk. Resource and budgetary allocations should be directed at the risks with the greatest business impact.
