Control - Risk management
Risk management approach
Most of the risk management approaches integrate the three following steps :
- Risk mapping : identification and inventory of the nature of the risks faced by a business activity
- Analysis and assessment of the the risk impacts
- Description of the remediation plan
The concept of risk in WinDesign
Risk mapping can be done with WinDesign :
- either by associating the concept of risk with the different levels of business maps
- or in a specific way, by making a map focused on the risks
1 - Definition of the risk
This risk mapping provides :
- Risk identification
- The nature of the impact
- The probability of occurrence
- The risk assessments
- The degree of risk control
Other characteristics can be defined specifically in the context of the risk universe (external risks, operational risks, strategic risks, ...).
WinDesign provides a standardized nomenclature of the risks universe, that will be completed and specified according to the characteristics of the activity.
2 - Risk impact analysis
WinDesign lets you associate a risk to :
- A hardware (server, workstation, ...)
- A business activity (process or activity at any level of detail)
- A state for a business object
- A consequences string of the risk occurrence upstream
enabling thus to define and represent the risk occurrence context and its impact.
3 - Remediation plan
WinDesign enables to associate indicators allowing to observe and check the risk occurrence probabilities.
The various actions undertaken to prevent from the occurrence or the consequences of the risk, can be translated in Windesign by :
- The description of a procedure or a specific activity to take into account the risk, especially preventive procedures
- The description of the hardwares that will be used to absorb the origin or the consequence of the risk (duplication, backup, safety hardware, ...)
- The description of associated documents, such as insurance contracts