Operational Risk Controls and Assessment

Governance Risk and Compliance software

As part of the Sword Achiever GRC Management Solution , Sword Achiever Risk Assessment integrates the risk assessment processes within Sword Achiever Document Management. This seamless link between processes and their associated risks promotes good governance, effective compliance and business improvement.

Effective risk management is elemental for managing adherence to corporate Governance, Risk management and Compliance (GRC) requirements.

Resources are an expensive commodity which need to be managed effectively so that maximum benefit from investment can be achieved. A risk-based approach will help to efficiently manage these valuable resources, so adopting an effective risk management assessment system at a strategic and operational level will ensure that high risk and high cost activities are identified and managed with appropriate controls, across the organization.

Specific features and benefits include:

• Risk Assessments for Business Strategy, IT, Health and Safety, Environmental and Financial are stored in a central, easy to manage document repository
• Assessment of risk is calculated based on severity, probability and detectability, adhering to best practices and engendering process improvement
• Association of a risk assessment with one or more standards or pieces of legislation, ensures that adherence to individual compliance requirements can be demonstrated
• Actions can be raised against risk assessments, ensuring that effective controls are applied to all identified risks
• Electronic workflow processes speed up the ability to produce new or revised assessments, and eliminate the need for a paper chase for editing and approvals
• Security of information is managed through role based access across the organisation, automatically protecting access and escalations

FLEXIBLE CONFIGURATION

• Customer configurable assessment types, categorisation and keywords ensure that the system reflects the business needs and that users can find information through an intuitive interface
• Configured default settings for review, approval and distribution, ensure control of approval information and ease of use for document creators

WORKFLOW AND ESCALATION PROCESSES

• The requirement for a periodic re-assessment of risk is automated by the system, ensuring that risks and their controls are always kept current
• All requested reviews, approvals and notifications are sent via email notification, using existing familiar email systems. This supports fast user acceptance and reduces training requirements
• Incomplete actions, reviews and approvals can be escalated using a configurable escalation engine, ensuring that all tasks are monitored to completion

MANAGEMENT REPORTING FOR GRC DOCUMENTATION

• Reports of risk by severity ensure that urgent items are quickly identified
• Reports identify all outstanding actions in the system, making the task of prioritisation easier and highlighting potential problems

INTEGRATION WITH MICROSOFT OFFICE

• Document content is created with a familiar word processor
• Process flows created in Microsoft Visio

INTEGRATION WITH TRAINING & SKILLS

• Association of risk assessments with job descriptions ensures that relevant documents are identified for new employees automatically
• Automated creation of training requirements ensure that updates to risk assessments will automatically initiate a notification of the need for training
• Easy identification of acknowledgements and visibility as to who needs training

INTEGRATION WITH OTHER MODULES

• Incident Reporting: Individual incidents can be associated with completed risk assessments, quickly identifying the more dangerous or most at risk business processes
• Equipment Management: Asset records can be linked to risk assessments, recording which assessment applies to the equipment concerned