top of page
rcsa.png

Summary

RCSA (Risk & Control Self-Assessment ) is a framework developed for internal bank departments. This is a consistent process, whereby the operational risks that may arise from business operations, products, and activities are identified and assessed on basis of impact and to identify the areas where the controls are weak or absent so that appropriate and timely corrective action can be taken and implemented. A part of the initiative is to operationalize and implement the RCSA process in a system.

Due to time constraints, the client was not interested to spend time on research. Still, we manage to have few workshops and interviews with departments to gather information from them.

NOTE*: In line with company policy, I am presenting a concise overview of the project.

The Challenge

The goal is to create a portal for the Operational Risk Management department to efficiently gather, store, and display risk impact assessments reported by various departments. This will streamline the current manual process, which uses MS Excel, and provide a centralized solution for higher authorities to access the information. The challenge is to design and implement this system to improve the current process.

Objectives

  • To create an portal with an automatic flow of data from the creation of the RCSA register till reporting of the results via a dashboard

  • Integration between data sets (master files) and system

  • Maker-Checker process

  • Aggregation of RCSA results and automatic dashboards

  • Create Individual dashboards with personalized data

My Role

I was a user researcher and interaction designer. I conducted workshops with departments and created user flow, and task flow and designed wireframes, high-fidelity prototypes and visual interfaces.

Understanding The User

User Profile

As this process was conducted manually using MS Excel. We identified various departments and their employees who were handling this assessment. The following demographic data is based on the departments involved.

Qualitative Research

ORMD Business & Support Groups (B&SGs)

Age Range: 32-45

Designation: AGM, DGM

User Roles: Maker, Checker, 

Super User, ORMD Senior Management User 
(View Rights Only)

Process Knowledge : Medium & High

Tech Knowledge: High

CAG, CCG, SARG, IBG,

GMU & GITC

Age Range:32-45

Designation: AGM, DGM

User Roles: Maker, Checker, 

Assessor, Approver, Reviewer

Process Knowledge : Medium & High

Tech Knowledge: High

R&DB & Circles

Age Range: 25-45

Designation: AGM, DGM, Manager, CM

User Roles: Maker, Checker, 

Assessor, Approver, Reviewer

Process Knowledge : Low & Medium

Tech Knowledge: High

Validator at Internal Audit Department (IAD)/Circle

Audit Office (CAO).

Age Range: 25-45

Designation: Identified Official

User Roles: Validator

Process Knowledge : Low & Medium

Tech Knowledge: High

Upon identifying the departments, users, and their respective roles, we conducted focus groups and individual interviews to uncover pain points and areas for improvement. The findings are outlined below.

  • Difficult to store and manage evaluated data from assessment

  • Lack of motivation to use excel sheet for the process as it is more confusing

  • Less data accuracy due to manual work

  • Time consuming process

  • Lack of coordination between departments 

  • Super user face issues like data gathering, storing, presenting results to individual

  • Difficulty in using the complicated platform

  • Hard to handle files due to involvement of multiple departments

  • Confusion in mapping of operating units for RCSA Assessment

  • Difficult to add comments/ remarks

  • Difficult in updating the response once excel is submitted

  • Back tracking of assessment was not possible

TITLE OF THE CALLOUT BLOCK

Task Flows

In the workshops with the departments, we analyzed the current process and identified gaps and issues. To minimize user cognitive load, we aligned our design with their mental model and segmented tasks. As a result, we divided the flow into three main parts, as described below.

User Creation Hierarchy

ORMD is super user and is responsible for creation of users and assign roles to Circle/ B&SG users. 

Flow chart.png

RCSA Register Creation

RCSA register is created/approved/rejected by R&DB & Circles and they can assign it to departments.

RCSA Creator flow chart.png

RCSA Exercise

Below flow shows how assessment is assigned and approved. 

RCSA Flowchart.png

Wireframes & Prototype

Picture5.png
Picture6.png

Conclusion

  • Segregation of data based on the department hierarchy

  • User were able to complete task within 10-15mins

  • Departments were able to create, check and assign assessments through dashboard

  • Super users were able to gather data, store and present results to individual

  • Increase in motivation as process was simple to use and fast to execute

Like what you see?

Let's chat.

CONTACT

© 2025 All rights reserved by Aditya Mulik

© Copyright
bottom of page