Enterprise risk management always relates back to the organisation’s goals and objectives: especially the ones that are most important to the current and future health of a business. CGR Foundation helps users to manage risks (threats) as well as opportunities related to the achievement of these objectives.
Strategic risk management (SRM) can be seen as a subset of Enterprise risk management (ERM). Strategic risk management involves just the board and C-suite executives (while ERM extends from the board throughout the organisation).
“Strategic Risk Management is a business discipline that drives deliberation and action regarding uncertainties and untapped opportunities that affect an organisation’s strategy and strategy execution.” – Risk and Insurance Management Society (RIMS)
Operational risk is the prospect of loss (or gain, in the context of opportunities) resulting from inadequate or failed procedures, systems, or policies. These include any event that disrupts business processes: systems failures, fraud, or other criminal activity.
Projects are tools to achieve strategic objectives. Of course, all projects come with their own uncertainty, both positive and negative (threats and opportunities).
Project risks may also be important at an enterprise level. Some project risks are so pervasive (or of such extreme consequence) that they can cut across the entire organisation.
Desired state or outcome that it is intended to achieve.
The chance of something that will have an impact on objectives.
Something that produces an effect.
Any measure that modifies risk to prevent it occurring or lessen its impact.
A discrete step to implement or improve a control.
A verification of records, processes, assessment of effectiveness of controls.
CGR Foundation’s Risk Bowtie (a best practice risk assessment technique in ISO/IEC 31010) is a visual way of assessing risk.
Datagrid gives you the power to quickly update several risks at once—all from one screen.
Complete line of sight across the platform provides peace of mind, allowing visibility from Enterprise to Operational and Project Risks.
Use an interactive Risk Matrix to adjust multiple variables including Consequence (Risk Impact), Likelihood (Probability of occurrence), and Maximum Foreseeable Loss.
Build and manage your organisation’s Control Library and ensure that your Controls are being managed effectively.
Critical Control Verification audits allow you to determine the effectiveness of controls across your organisation—at a glance.
CGR recognises the need to identify Opportunities (positive risks), including driving factors and beneficial outcomes.
Add and update your team’s Actions quickly and simply—without the noise of other systems.
Risk Workshops designed by people who actually run them: intuitive, rapid entry of team risk workshop environments.