Essential ERM provides you several ways to organize and filter your risks. Use these techniques in combination or independently to generate flexible reports.
Categories and Sub-Categories - the system comes pre-populated with common categories, but you can change these in the category administration screen. Sub-categories are turned off by default on new accounts but can be turned on by system administrators in the Risk Categories admin screen.
Risk Owner - a best practice in risk management is to assign each risk to an individual owner through the drop down at the top of the Risk Details screen. Most explorer windows and reports in the system are filterable by owner.
Business Area - business areas are flexible tags that can be attached to any risk (from the Business Area section of the Risk Details screen) and then used to filter explorers and to filter reports. Business areas can be added and edited through the Business Area administration screen. For example, creating and attaching a Business Area called “Board Report” to certain risks is a fast and easy way to create filtered reports to provide your board members. You can create and attach as many Business Area tags to a risk as you like.
Strategic Objective - through the Strategy Explorer, you can create strategic categories (e.g. Growth, Corporate Viability, Operational Efficiency, Innovation etc.) and then create strategic objectives under each category (e.g. add “50 new franchise locations by November 30” or “increase gross margin from 15% to 20%” etc.). Once you have created your objectives, you can attach them to your risks in the Strategic Objectives section of the Risk Details screen. Objectives function like Business Areas in that you can attach as many to a risk as you like. Once Strategic Objectives are mapped to risks, you can filter system explorers and reports by objective. These mappings will also automatically populate the Strategy Explorer dashboard components.
Risk Thresholds - you can set upper and lower thresholds for your organization’s desired range of residual risk, by risk category. Thresholds are managed in the “Set Risk Thresholds” admin screen. Once thresholds are set, and as soon as a category is selected for a risk, the risk’s residual risk score will automatically be compared to the desired thresholds. The Enterprise Risk Console can be filtered to identify risks that are above, within or below thresholds. The Risk Appetite dashboard will be automatically updated as well. Using Risk Thresholds provides an easy way to implement your Risk Appetite Framework and another method to filter and organize risks (and one that provides useful context for your board and executive team!).
Risk Portfolios - this feature provides to primary functions:
1. As a way to control user access to certain risks and other records
2. As an additional method for filtering system explorers and reports
Note that the Risk Portfolios feature is not available in all account packages. If this feature is enabled for your organization, your System Administrators can create confidential Risk Portfolios in the admin screen area. System Administrators will assign Standard Users (i.e. non-admin users) to each Risk Portfolio. Risks and other resources can then be optionally placed in a confidential Risk Portfolio. When Standard Users log into the system, they will only see the portfolios and associated records that they have access to. Most explorer screens and reports in the system can be filtered by portfolio.