HomeAbout UsCapabilites
Services
Audit & Assurance
Financial Statement audit & attestationFinancial Reporting advisory
Advisory
Link 1Link 2Link 3
Tax
Link 1Link 2Link 3
Business Services & Outsourcing
Link 1Link 2Link 3

Service

Audit & Assurance

Tax & Regualtory

Advisory

Bussiness & Outsourcing

Audit & Assurance

Financial Atatement Audit & Attestation

Financial Reporting Advisory

Tax & Regualtory

Corporate Tax

Indirect Tax

Finacial Sector

Family Office,estate & succession Planing

Advisory

Mergers & acquisitions

Valuation

Due diligence

Corporate finance & investment banking

Start-up advisory

hgghhgdgfhhgd

IPO advisory

IT risk advisory & assurance

Sustainability & ESG

BFSI advisory

Management consulting

Business & Outsourcing

Finance & Accounting Outsourcing

Global Outsourcing

Compliance

Fund Accouting & Trust Accounting

Virtual CFO

Payroll

Services

Audit & Assurance
Tax & Regulatory
Advisory
Business & Outsourcing

Audit & Assurance

Financial Statement Audit & Attestation

Financial Reporting Advisory

Featured

What is the COSO framework?

September 24, 2024

Going Concern: What It Means for Your Business

August 8, 2024

Fraudulent Financial Reporting

June 19, 2024

Tax & Regulatory

Corporate Tax

Indirect Tax

Financial Sector  

Family, Office, Estate & Succession Planning

Featured

What is the COSO framework?

September 24, 2024

Going Concern: What It Means for Your Business

August 8, 2024

Fraudulent Financial Reporting

June 19, 2024

Advisory

Mergers & Acquisitions

Valuation

Due Diligence

Corporate Finance & Investment Banking

Start-up Advisory

Promoter Restructuring & Succession Planning

IPO Advisory

IT Risk Advisory & Assurance

Sustainability & ESG

BFSI Advisory

Management Consulting

Featured

What is the COSO framework?

September 24, 2024

Going Concern: What It Means for Your Business

August 8, 2024

Fraudulent Financial Reporting

June 19, 2024

Business & Outsourcing

Finance & Accounting Outsourcing

Global Outsourcing

Compliance

Fund Accounting & Trust Accounting

Virtual CFO

Payroll

Featured

What is the COSO framework?

September 24, 2024

Going Concern: What It Means for Your Business

August 8, 2024

Fraudulent Financial Reporting

June 19, 2024

Services

Services

Audit & Assurance
Tax & Regulatory
Advisory
Business & Outsourcing

Audit & Assurance

Financial Statement Audit & Attestation

Financial Reporting Advisory

Featured

What is the COSO framework?

September 24, 2024

Going Concern: What It Means for Your Business

August 8, 2024

Fraudulent Financial Reporting

June 19, 2024

Tax & Regulatory

Corporate Tax

Indirect Tax

Financial Sector  

Family, Office, Estate & Succession Planning

Featured

Invoice Management System (IMS) under GST

September 18, 2024

GST IMPORTANT ANNOUNCEMENTS via CIRCULAR NO. 230 to 233 dated. 11th Sept. 2024

September 18, 2024

GST IMPORTANT ANNOUNCEMENTS IN 54TH GST COUNCIL MEETING (September 9, 2024)

September 13, 2024

Advisory

Mergers & Acquisitions

Valuation

Due Diligence

Corporate Finance & Investment Banking

Start-up Advisory

Promoter Restructuring & Succession Planning

IPO Advisory

IT Risk Advisory & Assurance

Sustainability & ESG

BFSI Advisory

Management Consulting

Featured

TAXATION OF INFLUENCERS AND CONTENT CREATORS: THE NEW FRONTIER

June 24, 2025

Corporate Social Responsibility (CSR)

June 23, 2025

Compulsory Convertible Debentures (CCD) & Compulsory Convertible Preference Shares (CCPS)

July 29, 2024

Business & Outsourcing

Finance & Accounting Outsourcing

Global Outsourcing

Compliance

Fund Accounting & Trust Accounting

Virtual CFO

Payroll

Featured

LEAVE & LAW POLICIES FOR EMPLOYEES IN INDIA

May 9, 2024

SOCIAL SECURITY LAWS- PF & ESIC

April 20, 2024

SOX Compliances

January 6, 2023

Audit & Assurance
Financial Statement Audit & AttestationFinancial Reporting Advisory
Advisory
Mergers & AcquisitionsValuationDue DiligenceCorporate Finance & Investment BankingStart-up AdvisoryPromoter Restructuring & Succession Planning IPO Advisory IT Risk Advisory & AssuranceSustainability & ESGBFSI advisoryManagement Consulting
Tax & Regulatory
Corporate TaxIndirect taxFinancial sector  Family, office, estate & succession planning
Business & Outsourcing
Finance & Accounting OutsourcingGlobal outsourcingComplianceFund accounting & Trust AccountingVirtual CFOPayroll
Solutions
Multinational CorporatesIndian CorporatesStartups
BlogsBlogsCareersContact UsContact Us
Schedule a consultation

Risk Control Matrix

By
Team Bilimoria
June 12, 2021

I. Introduction:

Each organization and its risk environment is unique, depending on different factors, including: business type, size, resources, and laws or regulations. Hence, Risk Control Matrix is an important tool to understand and optimize your organization’s risk profile.

A Risk Control Matrix (RCM) or also commonly referred as Risk and Control Matrix (RACM) is a powerful tool that can help an organization identify, rank and implement control measures to mitigate all the risks prevalent in the organization. A RACM is a repository of risks that pose a threat to an organization’s operations as well as the controls in place to mitigate those risks. Put simply, a RACM serves as a snapshot of an organization’s risk profile, measuring the organization’s risks against the formalized actions taken to prevent negative events from occurring.

Further, as per Section 143(3)(i) of The Companies Act, 2013, auditors have to report whether the company has adequate Internal Financial Controls and the operating effectiveness of such controls for all classes of companies (listed/unlisted) except Private Limited Companies and One Person Company (OPC) which has Annual turnover of less than Rs 50 Crores or has aggregate borrowings of less than Rs 25 Crores from banks/financial institution at any time during the financial year issued after 13th June, 2017.
Thus, RCM is one of the outputs for ensuring the implementation of Internal Financial Control as prescribed by The Companies Act, 2013.

II. Case Study:

The Base Manufacturing Co. is one of the leading companies in India dealing into various range of cosmetic products including fragrance, personal care and beauty brands. However, the management of the company is not very happy with the ongoing problems faced within the company. The CEO of the company Mr. Naresh has come across a major issue that there has been a lot of misappropriation of receipts from Debtors in the company over the past few months. On communication with the debtors, it was found out that they had paid the dues to Base Manufacturing Co. however, the same was not reflected in the accounts of the Company. After detailed investigation, it was found out that the Manager of the company had given different account number to the debtors and used to misappropriate the receivables from the debtors.
The Company wanted to prevent such frauds in future & since they did not have any internal check for the processes, they therefore approached M/s MASD & Co. who were experts in the field of Risk Advisory and Assurance Services.

After evaluating the ongoing issue and clearly identifying the risks, MASD & Co. decided to devise a Risk Control Matrix (RCM) for Collection and invoicing as follows:

Sub-Process

Risk Description

Risk Heat

Control Description

Control Nature

Collection

Unauthorised Bad Debt write offs

High

-Ageing report should be generated to determine the period and amount outstanding.
-Also, a maker-checker process should be implemented to check and identify whether any bad-debt has been unauthorizedly written off or not.

Detective

Invoicing

Unauthorized access of invoices

High

Employee Responsibilities should be properly separated and Access Rights should be well-defined and granted to specific users

Preventive

Since, the company had then implemented a well-designed Risk Control Matrix which properly addressed the risk which company was facing, company was able to find out a proper solution with proper controls placed which were not earlier implemented.

As it can be seen from the RCM above, developing and maintaining RACM for an organization has multiple benefits-

  • Conclusion

An RCM provides a one-point documentation of business process, risks, control testing details and is used extensively .Organizations striving to optimize their risk profile – identifying the amount of risk they are willing to tolerate while simultaneously achieving strategic goals – should consider leveraging a RACM as a powerful tool to clearly identify, understand, and manage their risk environment. The success or failure of a business can be directly linked to whether the organization truly understands and manages its risk exposure. Therefore, it is essential to have a holistic understanding of an organization’s risk environment to provide Management with the information necessary to make sound and informed business decisions.

If you are interested in understanding how your organization could benefit from a Risk and control, please reach out to us on the below mentioned mail IDs.

Authors:
CA Aakash Mehta
Partner, MASD
E-mail ID: aakash.mehta@masd.co.in
Poojan Joshi
Associate Consultant, MASD
E-mail ID: poojan.joshi@masd.co.in

Explore More

June 24, 2025

Team Bilimoria

TAXATION OF INFLUENCERS AND CONTENT CREATORS: THE NEW FRONTIER

In recent years, the rise of social media has given birth to a new and powerful profession: AN INFLUENCER What began as individuals sharing their personal lives, opinions, and talents online has now evolved into a full-fledged marketing industry. Influencers are people with a dedicated following on social media platforms like Instagram and YouTube who partner with brands to promote products and services in a relatable & authentic way. This form of marketing, known as influencer marketing, has gained immense attraction due to its ability to reach niche audiences and drive engagement.

Read More

June 23, 2025

Team Bilimoria

Corporate Social Responsibility (CSR)

Corporate Social Responsibility (CSR) is outlined in Section 135 of Companies Act, 2013 and has been made mandatory for the companies following the specified criteria from April 1, 2014. CSR Activities were introduced with an intention to allow companies to contribute to the social, environmental, and economic development of the country.

Read More

Read All Blogs

BILiMORIA MEHTA & CO. is a leading Chartered Accountancy firm with a rich legacy of serving clients in India and internationally.

info@bilimoriamehta.com

+91 (22) 6697-2111

Company

  • About Us
  • Contact Us
  • Careers
  • Resources

Solutions

  • for Startups
  • for Indian Corporates
  • for Multinational Clientele

Solutions

  • Multinational Corporates
  • Indian Corporates
  • Startups

Services

  • Audit & Assurance
  • Tax & Regulatory
  • Advisory
  • Business & Outsourcing

Resources

  • Blogs
  • Regulatory Updates
© 2024 BILiMORIA MEHTA & Co. All Rights Reserved
Privacy PolicyTerms & Conditions