Risk Management App Summary

Risk Library

  • Access and update the central risk library
  • Maintain standard taxonomy across risks
  • View and update organizational structure
  • Push updated risk and control information to all assessments

KRIs (Key Risk Indicators)

  • Create and set thresholds for KRIs
  • Assign KRI owner for update
  • Daily, weekly, monthly, quarterly, and annual trending of KRI
  • System alerts when KRI is out of the threshold

Assess & Track Risks

  • Notify risk owners to perform risk assessments
  • Risk owners can perform step-by-step risk assessments, including:
    • inherent and residual risk assessment
    • document contributing factors and consequences 
    • identify and connect controls from the library
    • Link controls to a central library of policies
    • view KRI and risk event trends over time 
  • Visualize connections in a graph to determine interconnectivity
  • Determine treatment and escalate if necessary
  • Create and assign an action plan for risk

Cross-Team Collaboration

  • Share assessments of controls across business units and second-line functions
  • Centralize risk data with Internal Audit and IT Risk applications 
  • Automated notifications of completed audits for review of final audit reports and issues
  • Tag team members for comments and information requests

Identify Risks

  • Input new risks or access the pre-populated risk register
  • Categorize risks into risk categories, processes, or objectives
  • Assign risk to a risk owner for analysis

Loss Events for Financial Institutions

  • Log loss event
  • Categorization of risk events 
  • Reporting on event type

Key Reporting

  • Best practice out-of-the-box reports, including:
    • Risk Committee Summary Reports 
    • Heatmaps at Corporate and Business Unit levels
    • Risk and Control Matrix
    • First Line user Dashboards
    • Issues and Action Plan Status
    • KRI status and risk appetite report
  • Loss Event Summary Report

Issues & Actions

  • Create and assign an action plan
  • Track progress of action plans
  • Issue status report

Facilitate Periodic Risk Assessments

  • Launch risk assessments across business units or functions
  • Status reports of completion, including overdue assessment