The Enterprise Process Center (EPC) provides users with Risk Management, Tracking, Scoring and Analysis capabilities, making the system a fully functional risk management tool. This tool allows users to create and assess Risks, as well as analyze the relationship that Risks have with Controls and Processes.
Key Definitions
Gross Risk: The risk to the company in the absence of any actions (e.g. Business Rules, Controls)
Residual Risk: The risk to the company remaining after corrective actions have been implemented to reduce the impact and likelihood, and increase the detectability of a risk within the organization
Impact (Risk): Severity of the consequences varies in terms of cost and potential loss on health, human life, or other critical factors.
Likelihood (Risk): Probability of occurrence
Detectability (Risk): The probability of detecting the fallout and/or consequences associated with the Risk
In cases where controls may or may not apply to a risk on a specific process, users can select the Exclude checkbox. This will disable the control and will remove it from the aggregate residual risk score.
Post your comment on this topic.