The Enterprise Process Center (EPC) provides users with Risk Management, Tracking, Scoring and Analysis capabilities, making the system a fully functional risk management tool. This tool allows users to create and assess Risks, as well as analyze the relationship that Risks have with Controls and Processes.
Gross Risk: The risk to the company in the absence of any actions (e.g. Business Rules, Controls)
Residual Risk: The risk to the company remaining after corrective actions have been implemented to reduce the impact and likelihood, and increase the detectability of a risk within the organization
Impact (Risk): Severity of the consequences varies in terms of cost and potential loss on health, human life, or other critical factors.
Likelihood (Risk): Probability of occurrence
Detectability (Risk): The probability of detecting the fallout and/or consequences associated with the Risk
Within the EPC, there are 2 ways to calculate Residual Risk Scores within the EPC
- System Generated Calculation: After determining the values for your Gross Risk Score, you apply controls which allow you to determine the residual values for Impact, Likelihood and Detectability. The EPC takes these residual values and calculates your Residual Risk Scores. For work instructions on applying Controls, see the section here.
- Manual Override Rollup: Users can override the system calculation and determine their own residual values for Impact, Likelihood and Detectability. These values are used to determine the Residual Risk Scores. For work instructions on how to override the system generated score, see the section here.