The Enterprise Process Center (EPC) provides users with Risk Management, Tracking, Scoring and Analysis capabilities, making the system a fully functional risk management tool. This tool allows users to create and assess Risks, as well as analyze the relationship that Risks have with Controls and Processes.
Key Definitions
Gross Risk: The risk to the company in the absence of any actions (e.g. Business Rules, Controls)
Residual Risk: The risk to the company remaining after corrective actions have been implemented to reduce the impact and likelihood, and increase the detectability of a risk within the organization
Impact (Risk): Severity of the consequences varies in terms of cost and potential loss on health, human life, or other critical factors.
Likelihood (Risk): Probability of occurrence
Detectability (Risk): The probability of detecting the fallout and/or consequences associated with the Risk
Applying Controls to Risks allows companies and users to mitigate how the risk affects the organization. As such, the EPC allows users to apply controls directly to Risks, which in turn allows users to develop a new and updated Score for the risk. When applying controls users can:
- Update Residual Impact Values
- Update Residual Likelihood Values
- Update Residual Detectability Values
Updating these values will generate the following:
- Generate a New Priority Score: This represents the Priority the Risk has after the specific control is applied
- Generate a New Score for the Control: This Score reflects the Residual Risk Score that would apply if ONLY this control were applied to the Risk
- Generate a % of Gross Score: This is a percentage of the Residual score of the specific control relative to the Gross Risk Score
- Update the Residual Risk Scores: These updates are leveraged by the system to generate a system calculated Residual Risk Score
To apply Controls to Risks:
1) Open the Edit form for the Risk you wish to use by clicking on the ‘Edit’ button
2) Expand the ‘What is the Risk Analysis’ section
3) Input your Gross Risk values for Impact, Likelihood and Detectability
4) In the ‘Select a Control’ bar, type to search for the control you wish to add or use the Object Selector to find the Control you wish to apply
5) Click on the Control you wish to apply
6) Click on the sections under ‘Residual Impact, Likelihood and Detectability’ to assess the new Residual Values using the dropdown
7) Repeat the steps until you have added all the Controls you wish to apply
8) Review the scores and the newly generated Residual Risk Scores above
9) Click ‘Save’ to save your changes to the risk
Post your comment on this topic.