Note: The following features are not added to Risk Management by default. For information on adding these features to your version of the app, contact your CSM.
New Features
Point in Time Reporting
With the new Point-in-Time reporting feature, users can view historical information in reports in order to compare and contrast against information from previous timeframes without creating another assessment. For instance, a risk team can easily compare risk assessments as well as outstanding issues & action reports across several years. Admins can enable this feature from the Configure Filters palette when editing a report.
Loss Events
Users in the Risk Team user group can now record an organization's losses due to events that have occurred that impact risk in either the new Loss Events activity, or the new Loss Event section of the Risk form. This will allow customers to accurately record any losses the organization has suffered and help them to protect against similar losses in the future.
Process-Based Risk Assessment
Risk assessments can now be focused on processes rather than risk category. This will make organization easier for users who prefer to organize their assessments based on the organization's business processes, and will also reduce implementation time.
Objective-Based Risk Assessment
Risk assessments can now be focused on objectives rather than by risk category. This will make organization easier for users who prefer to organize their assessments based on organizational objectives, and will also reduce implementation time.
Delegate Roles
Resolver has added the following roles to the app to step in in case the object's owner is unable to fulfill his or her duties:
Risk Delegate
Control Delegate
Issue Delegate
Corrective Action Delegate
Risk Limited User
Resolver has added a new Risk Limited User user group. This new user group will have read-only global access to the organization's structure and all categorical object types in the app.
IT Risk Management Integration
Users in the Risk Team user group can now leverage their Integrated — IT Risk report to review key risks, controls, and issues from the IT Risk Management app. This will help to automate direct reporting for the IT risk team and ensure the risk team has the most up-to-date information.
Both this data and the previously integrated information from the Internal Audit app can be viewed in activities within Reports.
Standard Risk Management
Resolver has released a simplified version of Risk Management called Standard Risk Management. This is achieved through a lightweight version of the Risk Team user group to allow customers to start with something small and grow as their program matures. This user group only makes use of simplified forms and reporting that do not contain any of the following:
Issues (corrective actions connected directly to risks for Standard Risk Management)
KRIs
Loss Events
Connections to Incident Management
Miscellaneous Improvements
Various forms and reports throughout the app have been cleaned up for ease of use and clarity. In addition, various unused forms have been deleted.
The Risk Triage process has been slightly revised to include some more detailed prompts for first-line users. An individual "Risk Submitter" role has also been added to help facilitate this process for both first-line users and the Risk team.
The assessment's Define and Review Assessment Scope section has a new conditional formula that states whether or not the assessment has been scoped.
Control Self-Assessments have a new Assign Control Owner state between the Create and Self-Assess state to assist with continuous assessments.
The Risk Results by Risk Category report is now viewed at the assessment level for Risk Category Risk Assessments. An equivalent report exists for Process and Objective Assessments.
A new Business Unit Risk Committee report has been added to the app for all 3 assessment types. This report can be drilled down to from the Company-level report in the Reports application view.
Users in the Risk Team user group can now access a Controls activity within the app that grants them access to each control attached to a risk assessment.