Manage risk by understanding the impacts in the context of your processes
iGrafx Risk Management capabilities help companies address their compliance requirements by keeping high levels of visibility into the impact/likelihood of risks and the controls to mitigate them in the context of their business processes. With the powerful and multi-dimensional aspects of the risk management reporting capabilities, iGrafx provides unique value to customers with critical compliance needs.
Risks and compliance inventory
Catalogs of business or business unit specific risks and controls address compliance requirements.
- Associate controls to appropriate risks for effective traceability and audit enablement.
- Apply business or industry specific properties for true visibility, e.g., Key vs. Non-Key, SOX, BASEL, Solvency II, etc.
- Start with industry standard content to better understand potential gaps.
- Integrate with compliance systems of record to optimally leverage existing data.
Risk and compliance in the context of processes
Create and visualize risk and controls directly within business processes.
- Reuse risks and controls from a catalog at specific locations in the flows.
- Capture risk values specific to the instance in a process and/or location specific process variant.
- Set risk value limits for business activities for guidance needed to stay within acceptable boundaries.
- Identify ownership & RACI relationships, required tools & systems, and global Location specifics.
- Specify level of automation when identifying mitigation opportunities.
Compliance & audit reporting
Report across multiple dimensions for both internal and external auditing purposes for optional decision making.
- Aggregate within and/or across Business Units or by specific property for the widest range of visibility and traceability.
- Identify gaps in control context of process flows.
- Evaluate the quality of controls already in place.
- Reduce the risk of non-compliance by addressing gaps found during internal auditing.
- Re-evaluate compliance in context of changes to processes over time.
- Create business specific reports, e.g., BCBS 29 compliance.
Achieve visibility of risk value change.
- Dashboard rollups and Indicators in the context of Process flows provide high visibility to change.
- Aggregation by level, e.g., standard, business, and activity provides additional dimensions of visibility.
- Create business specific, customizable aggregation calculations, e.g., impact & likelihood to fit specific business needs.