• The Challenge

  Corporate boards, CEOs, CFOs and other members of the senior leadership team are facing unprecedented levels of business complexity, changing geopolitical threats, new regulations and legislation, and increasing shareholder demands. To address these challenges, business leaders are embracing the discipline of enterprise risk management in the planning and assessment of strategic objectives, and the monitoring and reporting on risks associated with those objectives.

  Motivated by the need to gain better insight into their business processes and more transparency throughout the enterprise to understand and control risks and align them with their business strategy, organizations must develop an overall approach to how they define, establish oversight for, manage, and monitor events within their corporate boundaries and with respect to external events.

  Enterprise Risk Management [ERM] is a process, affected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

  Furthermore, Enterprise Risk Management solutions must be comprehensive and span all risks to understand and manage the interplay among various types of risks and the fact that certain events carry with them more than one type of risk. ERM also offers the following benefits:

  • Enhances transparency;
  • Focuses management attention on risks that matter by expressing disparate risks in a common language;
  • Protects and enhances shareholder value;
  • Improves decision making, planning and prioritization by comprehensive and structured understanding of business activity, volatility and project opportunity/threat;
  • Improves corporate governance;
  • Improves operational effectiveness and efficiency;
  • Minimizes losses and maximizes gains.

  A comprehensive Enterprise Risk Management solution supports all stages of the ERM lifecycle allowing you to establish the context, identify, analyze, evaluate, monitor and consult your risks toward the enterprise organization.

  
  

  

  Back to top    Close

• The Solution

  SoftExpert ERM Suite enables organizations to identify, analyze, evaluate, monitor, and manage their enterprise risk in an integrated manner. It brings together all risk management related data - a reusable library of risks, controls and assessments, events such as losses and non-conformance, key risk indicators, issues and treatment plans - in a single comprehensive solution.

  The solution serves as the foundation for a company's enterprise risk management efforts through its ability to unite and support different categories of risk – financial, security, compliance, planning – accomplishing with other risk family solutions as Financial Control Management, Operational Risk Management, IT Risk Management and General Compliance Management.

  The following are some of the main features of SoftExpert ERM Suite:

  Context Definition – defines the scope (activity, process, function, project, product, service or asset) in terms of responsibilities and location well as its goal and objectives.

  Process Management – Provides a well-integrated platform for describing and modeling the business process that can be used for risk analysis.

  Asset/PDM Management – Maintains details of company assets/products used on risk management, covering inventory, maintenance, ownership, location, reservations, usage, downtime, verification, check-in/out status, and much more.

  Risk Identification – Facilitates risk identification through checklists application and unified risk repository.

  Risk Analysis – Powerful analysis toll that empowers the application of quantitative and qualitative methods, or a combination of these. Graphically visualization of significant risks.

  Control Definition – Establishes and implements policies and procedures ensuring effectively risk responses.

  Control Self-Assessment – Keeps internal control effectiveness through periodical tests and questionnaires application.

  Treatment Plan – Fully integrated Project and Portfolio Management [PPM] Suite to select, implement and monitor risk responses without requiring third party tools or custom programming.

  Risk Monitoring – Ongoing management activities, automatically and manual, using summary lists, risk matrix, KRI and more.

  Event Management - Complete automated handling of events, non-conformance and corrective/preventive actions using worldwide renowned methods: PDCA for problem solving, and 5W2H for action planning.

  Business Intelligence – Delivers line-of-business reporting and helps business users identify department problems. BI capabilities provide managers with the ability to drill down on data and “slice and dice” from different perspectives, based on Online Analytical Processing (OLAP) technology.
  The concepts and features offered by SoftExpert for Enterprise Risk Management meet all the requirements established by international standards and regulations, such as the new ISO 31000, ISO 27001, Sarbanes-Oxley (SOX), AS/NZS:4360, SEC Rules, NIST, PCAOB, Basel II, COSO, COBIT, and others.

  Back to top    Close

Annual Savings

• Cuts costs as a result of greater efficiency in risk management, mainly cutting down on the duplication of effort in data collection and reporting.
• Cuts down on losses resulting from risk events.
• Reduce blanket risk mitigation costs (Insurance Premiums).
• Reduce cost by applying a single platform to manage a multitude of risk and compliance mandates on an organization-wide scale.
• Reduce risk response times and ensure action is being taken, monitored and documented.
• Increases productivity. Optimized business processes of risk identification, risk assessment and treatment implementation will allow your staff to achieve better results in less time.
• Cuts costs and increases revenue by:
  • Increasing collaboration on data and knowledge.
  • Eliminating manual errors.
  • Facilitating the performing of tasks.
  • Accelerating cycle times for key processes.
  • Reducing time with custom implementations and integrations.
  • More effective using of resources.
  • Reducing scrutiny.

Investment

• Investment in SoftExpert ERM will depend upon the business unit size and implementation approach.

Return on Investment (%)

• ((((Total Annual Savings) x n years) - Initial Investment) / Initial Investment) x 100.

Payback Period (years)

• Initial Investment / Total Annual Savings.

• Focuses on issues that are important to the business rather than issues in their individual areas.
• Supports effective use of resources.
• Helps focus internal audit programme.
• Establishes a transparent and uniform process at all levels of an organization to manage risk, opportunity and compliance objectives.
• Adherences to corporate code and compliance regulations.
• Facilitates appropriate risk/reward decisions at all levels of management.
• Enhances standardization in risk assessment process by defining a consistent risk criteria and risk appetite.
• Facilitates the performing of mitigation tasks.