Risk Management System

Favorites

More Topics Datasheets Case Studies Webinars Solution Briefs

MetricStream provides an integrated and flexible framework for documenting and assessing risks, defining controls, managing assessments and audits, identifying issues and implementing recommendations and remediation plans. The risk management system includes powerful tools for risk analysis and monitoring such as configurable risk calculators and risk heat maps.

Solution Sheet Enterprise Risk Management (ERM): A GRC Based Approach to Risk and Reward Management   Press Releases MetricStream Panel Discussion on Risk Management Draws Overwhelming Response from Companies Across the Industry Spectrum

Risk Assessment and Analysis
MetricStream Risk Management System provides a centralized risk framework to document and manage all risks faced by an organization. It supports risk assessment and computations based on configurable methodologies and algorithms giving a clear view into organizations risk profile and enabling manager to prioritize their response strategies for optimal risk/reward outcomes.

Controls Design and Assessments
Once the key risks are identified and prioritized, MetricStream leverages the COSO framework to enable companies to define a set of controls that mitigate those risks. The solution also allows associated policies and procedure documents to be attached for reference. Assessment plans to evaluate and ensure the effectiveness of the controls can be designed and assigned to owners based on roles and responsibilities.

Risk officers and process owners across the organization can manage risk assessment programs to ensure the effectiveness of controls designed to mitigate risks. The system supports assessments based on predefined criteria and checklists and has a mechanism for scoring, tabulating and reporting results.

The repository of all assessments, with an easy search capability, ensures that the users can check to see if a specific control was tested, the assessment results and whether it requires any remedial action plan.

Internal Audits
MetricStream Risk Management provides seamless integration with Internal Audit Management for streamlining the audit management process in the organization. It provides the flexibility to manage a wide range of audit-related activities, data and processes to support risk management. It supports all types of audits, including internal audits, operational audits, IT audits, supplier audits and quality audits.

The solution provides end-to-end functionality for managing the complete audit lifecycle including audit planning and scheduling, development of standard audit plans and checklists, field data collection, development of audit reports and recommendations, review of audit recommendations by auditees and management and implementation of audit recommendations and remediation.

Advanced capabilities like built-in remediation workflows, time tracking, email based notifications and alerts, risk assessment methodologies, and offline functionality for conducting at remote field sites allow organizations to implement the industry best practices for efficient audit execution and ensure integration of the audit process with the risk and compliance management system.

Issue Management and Remediation
For issues arising from the assessment and auditing processes or from any external events such as loss-events or 'near misses' the Risk Management system provides seamless integration with Issue Management and Remediation Management modules. Once issues are identified, documented and prioritized a systematic mechanism of investigation and remediation is triggered by the underlying workflow and collaboration engine.

The solution supports triggering automatic alerts and notifications to appropriate personnel for task assignments for investigation and remedial action. The issues remains open till the action plan is carried out and results verified for effectiveness. Managers can track the status of issues as they automatically moves from one stage to the next based on organizations risk management procedures.

Monitoring Risk
Executive dashboards provide enterprise wide visibility into the risk management process and highlight issues that need to be addressed in risk heat maps. The solution has the ability to track risk profiles, control ownership, assessment plans, remediation status, etc. on graphical charts that can be accessed globally and display real-time information. Ability to drill-down provides an easy way to access the data at finer levels of detail.

In addition to pre-configured standard risk reports, the system provides tremendous flexibility by enabling stakeholders to configure ad-hoc or scheduled reports to view metrics by a variety of parameters such as by process, by business units, by status, etc. Quarterly and monthly trending analysis along with the ability to drill-down into each report and dashboard to see the underlying details enables risk managers and process owners to stay in constant touch with the ground reality and progress on risk management programs. Automated alerts for events such as exceptions and failures eliminate any surprises and make the process predictable.