Leverage systems of record, locate hot spots, reduce costly manual processes, and be prepared for compliance audits
Assign Risk/Controls and report on mitigation gaps in the process context
- Add or import items to risk and control catalogs for reuse.
- Create risk and control instances in the context of the process flows.
- Report on gaps of risks without controls.
Specific assessment per instance of risk & control within process structure
- Based on the operational specifics of the process, assess the risk’s likelihood and impact.
- Assess the effectivity of controls that mitigate specific risk instances.
- Leverage risk categories to aid control coverage analysis
- Apply business or industry specific properties for true visibility, e.g., Key vs. Non-Key, SOX, BASEL, Solvency II, etc.
- Calculate and report on “residual” risk based on assessment of risk and control
Leverage risk and control catalogs for audit reports around business processes
- See effectivity of risk mitigation (residual risk) from risk catalog
- Show gap of risks in catalog not applied in process structure