Risk Tools
Risk
Business offers a series of web-based risk management tools that address specific data processing and
platform needs within client firms, from data collection and reporting to full risk programme implementation.
In some cases, these tools are highly similar to those used in Risk
Business Content and Data Service offerings,
but they also may be utilised by client firms on an independent basis. They are designed to be used alone or,
as requirements dictate, as an integrated suite of applications.
Risk Profiling Service
This flexible profiling tool allows users to create graphic representations of their operational risk exposures,
based on business functions/processes, risk categories and, if required, product/service groups, all as
defined in the organisation's taxonomy library. Rating scales may be customised, and high-level risk profiles
can be generated by aggregating lower level-risk profiles.
[More]
RCSA Service
This robust service supports the roll-out and administration of a broad range of customised Risk and Control
Self-Assessment (RCSA) initiatives. Features include the capability to designate specific assessment units
within the firm, to incorporate structured taxonomy elements (risk and control types, etc.), whether standard
or user-defined, to specify risk measurement variables, and to create customised routines for data aggregation
and reporting. The application both manages programme design parameters and stores actual assessment data
(produced in workshops, etc.). The Service is fully integrated with the Risk
Business Taxonomy.
[More]
Internal Loss Data Service
This full-service, cost-effective platform allows users to develop and operate simple, yet sophisticated
internal loss event data collection processes. Based on industry standard loss event data models, the Internal
Loss Data Service provides extensive flexibility, e.g., to include non-Basel event and impact types (such
as "near misses," opportunity costs, operationally driven credit losses, etc.). The Service is
fully integrated with the Risk
Business Taxonomy and with the Loss Data Consortium Service and has extensions
for loss data translations and reclassifications.
[More]
KRI Monitoring Service
This flexible tool allows subscribers to select and track specific risk indicators, with customised thresholds
for alerts and escalation triggers. The tool may be used at any business level to collect or import indicator
values over time, assessing the collected values against thresholds and triggers to provide a broad range of
alerts and reports.
[More]
Risk Appetite Service
This real-time service allows the firm to combine, weight and aggregate multiple data sources, such as internal and
external loss data (both public loss data and consortium data), KRI data, audit findings, remedial actions, scenario
assessments, risk and control assessments, business environment factors, litigation cases, outsourcing assessments, suspense
account data, compliance assessments, industry benchmarks and any other data which can be converted into a rating,
then to set and monitor thresholds against the consolidated exposure points to which the source data is assigned.
[More]
Internal Audit Service
This Service is designed to support a risk-based audit programme, leveraging the structural features
of the Risk
Business Taxonomy. It allows for the creation of audit reports, with associated findings
and aids the management and workflow of open/unresolved reports. Business managers may record their
responses to particular audit findings, and register action plans to correct cited deficiencies.
Audit findings may be linked to specific operational risk variables, such as business function/process
and risk and control types, or to individual risk points in the applicable business's risk profile.
[more]
Processes, Controls and Compliance Service
This special-purpose service allows firms to create detailed business process maps, complete with associated
risks, controls, systems linkages, KRI triggers and job functions, all defined in accordance with the
firm's structured taxonomy. Within each process, a business may document the details of its business
continuity plan, as well as compliance requirements, insourcing/outsourcing arrangements, scheduling,
and detailed policies and procedures. The Service allows the incorporation of data from other tools
(e.g., Internal Audit, KRI Monitoring, Internal Loss Data, etc.).
[more]
Data Management Service
This diagnostic service allows firms to apply data quality tests to their existing internal risk event data,
to identify classification inconsistencies and to implement amendments in a controlled and audited manner. The
Service can also be used to enrich your existing data sets where your classification taxonomy changes or
evolves. It provides an ideal mechanism for periodic compliance reviews and managing actions arising from
such reviews.
[more]
Scenario Assessment Service
Scenario assessment and analysis is a mechanism which allows an organisation to tap into the wealth of knowledge
which resides within their senior management, in support of a holistic approach to enterprise-wide risk identification,
risk assessment and risk management. across all risk disciplines. Scenario workshops are invaluable in building risk
awareness, including a greater understanding of the interplay between risks. They are also a potential source of
data to enhance risk quantification models, by compensating for a lack of loss data, or by incorporating a more
‘forward-looking’ element to loss history. Additionally, they can be a tool to enhance emergency preparedness,
including the identification of the need for new controls, reporting or KRI monitoring.
[more]
Litigation Management Service
The formal definition in the Basel II Accord clearly identifies that litigation and legal issues are considered part of operational risk.
While it is accepted that in certain legal jurisdictions, legal processes and rules around discoverability impact on the way in which firms
manage legal cases, many firms still rely on spreadsheets and paper-based logs to track and control the litigation cases which they are
involved in. The Risk
Business Litigation Management Service allows the firm to automate the case management process,
tracking where each case is, who the legal expert(s) is currently looking after the case, which court has jurisdiction over the case and
to monitor and report on each stage of proceedings.
[more]
Outsourcing Management Service
Increasingly, as the costs faced by firms increase, more and more firms have outsourced both mission critical and support functions
and activities to specialised, typically lower cost providers of such services. In response, the regulatory community, concerned about systemic
risk and the ability of each firm to continue to operate, has introduced specific rules and sound practices guidelines around outsourcing.
The Risk
Business Outsourcing Management Service supports the establishment and maintenance of an outsourcing register, the initial due diligence
of service providers and the ongoing assessment of service level agreements and service provision in a controlled manner which facilitates
both regulatory compliance reporting and internal management reporting.
[more]
These tools are supported by a range of specific functionality relative to action plans, audit findings,
workflow structures, access controls and audit trails, available as part of a comprehensive service offering
suite. All Risk
Business tools and platforms are accompanied by a detailed Software Development Kit which
facilitates easy integration into a firm's core systems. For more information on our Technical Architecture,
please click
[here].
RiskBusiness also offers, in conjunction with our strategic partners and alliances, various additional tools
covering areas such as Scenario Analysis, Capital Estimation and Capital Allocation.
For additional information on Risk
Business' Risk Tools, please click
[here] to contact a Risk
Business representative, click
[here] to make an online enquiry, or email us on
info@riskbusiness.com.
