Show/Hide Toolbars

Release Notes

GRC portal

The GRC portal is a combination of important visions and information that the manager needs to monitor and track the risk management in the organization. The GRC Portal aims to visually present the analysis of risks and controls grouped by business unit, department, plan, risk type and risk. Among the various features of the GRC Portal, the drill-down navigation was highlighted with medium risk calculations and visualization of events and action plans associated with the risk and control.

 

risk_2012-01_zoom60

 

Control test

A test plan is a document that details how controls are evaluated. Test plans identify the method of testing or the evidence type obtained, specify the total size of the sample, and illustrate the test or attributes steps. A test is an evaluation that ensures the operational effectiveness of internal controls in an organization. Each control analysis can have a corresponding test and its test efficiency results.

 

risk_2012-02_zoom60

 

Evaluation approval route of the risk and control

Risk evaluations and controls can occur during the plan monitoring step. In that way, it is not necessary to create a new revision of the risk and control plan to update or generate new evaluations. The configuration of the approval route in the risk and control analysis ensures that no information is published without first passing through the approval of those responsible for the context where the risks and controls are associated.

 

risk_2012-03_zoom60

 

Records import wizard

In order to simplify the import of the records of SE Risk component, in this version, a wizard that guides the user how to make the import through a customized spreadsheet making it more intuitive is available. The import wizard is available in the Control, Consequence, Risk source, Best practice, Objective, Element, Treatment and Risk records.

 

risk_2012-04_zoom60

 

Duplicating the risk and control analysis

When creating a new risk or control analysis, at the time that it is possible to identify the risks and controls belonging to the context or plan, it is possible to choose the options to create a new analysis, associate an analysis with another plan, or duplicate an existing analysis. Thus, the system has several features to facilitate the creation of the risk and control plan.

 

risk_2012-05_zoom60

 

Responsible for risk analysis change

Each risk analysis has its responsible parties, in this way, when maintaining the plan, the customer needed to enter each risk analysis to change those responsible when necessary. This feature helps the user to swap "in batch" the responsible for risk analysis, being guided step by step to exchange information.

 

risk_2012-06_zoom60

 

Request explanation in risk and control evaluation

By generating a risk or control assessment, you can set up the evaluation method so that, as the result of the risk or control, the user is obliged to fill an explanation. In that way, the system helps the manager maintain that risk evaluations have a return depending on the level of criticism.

 

risk_2012-07_zoom60

 

Description for the types

From this version, the description field was made available for the "Configuration" menu types of SE Risk. The types that have the description field are control type, consequence type, risk source type, objective type, element type, plan type, treatment type, and risk type.

 

risk_2012-08_zoom60

 

Risk loss event

The record of a loss event is carried out in SE Incident and, from this record, the risk that suffered the loss is associated as it is the implementation arising from the manifestation of the operational risk. Loss can be financial or accounting for the company, or not cause an effective loss. In that way, the risk presents the result of all losses allowing managers to analyze the tolerance and appetite of the risk.