A risk assessment is simply the process of identifying and evaluating the potential hazards that could negatively impact an organization's ability to conduct business. These assessments are designed to identify inherent business risks and provide measures, processes, and controls to reduce the impact of these risks to business operations.
Why does risk assessment matter?
Unless a given entity fully recognizes the potential adverse impacts of IVT from a business, operations and client perspective then they will be unable to develop comprehensive internal control procedures and IVT detection solutions (as applicable) which address the potential risks to the entity, its operations and its client base. When operating in the digital advertising space, it is paramount that entities take the time to evaluate the risks presented to the service’s operations within the context of IVT (on both a holistic and discrete level) in order to protect the operations of the entity, the integrity of relevant product suites and the impact on client bases.
How are the MRC Guidelines addressing the need for a risk assessment?
The MRC IVT Guidelines established a risk assessment process whereby entities operating in the digital advertising ecosystem evaluate the various risks (e.g. business, operations, client) in the context of invalid traffic (e.g. ad fraud) on a periodic basis. This assessment is specifically designed to take into consideration the sufficiency and effectiveness of relevant internal control objectives and resulting internal controls.
The SIVT mobile in-app interim guidance outlines the expansion of the IVT risk assessment to take into consideration risk factors specified to mobile application environments. These additional considerations, as outlined by the interim guidance, are presented in the executive summary above.
As Pixalate perceives this to be one of the most important procedural-level requirements of the MRC IVT Guidelines, we plan to publish additional context regarding the MRC requirements specific to the execution of a holistic, periodic IVT risk assessment.
Disclaimer: The content of this page reflects Pixalate’s opinions with respect to the factors that Pixalate believes can be useful to the digital media industry. Any proprietary data shared is grounded in Pixalate’s proprietary technology and analytics, which Pixalate is continuously evaluating and updating. Any references to outside sources should not be construed as endorsements. Pixalate’s opinions are just that - opinion, not facts or guarantees.
Per the MRC,
“'Fraud' is not intended to represent fraud as defined in various laws, statutes and ordinances or as conventionally used in U.S. Court or other
legal proceedings, but rather a custom definition strictly for advertising measurement purposes. Also per the MRC,
“‘Invalid Traffic’ is defined generally as traffic
that does not meet certain ad serving quality or completeness criteria, or otherwise does not represent legitimate ad traffic that should be included in measurement counts.
Among the reasons why ad traffic may be deemed invalid is it is a result of non-human traffic (spiders, bots, etc.), or activity designed to produce fraudulent traffic.”