This page contains information to assist our customers with utilizing the Risk module in RegScale. It describes what it is, why you would use it, the benefits, and provides instructions on getting started.
What is it?
A risk is a situation that could expose an organization to loss, danger, or some negative consequence. Risk are normally analyzed in terms of probability and consequence. Common synonyms for risks might include:
Why would you use it?
Risk management is used to evaluate potential negative events, in terms of probability and consequence, to cost effectively mitigate the risk. Effective risk management allows organizations to pro-actively prevent negative events and make better informated budgeting decisions. There are many reasons to perform risk management which include:
- Analyzing probability and consequence for negative events
- Tracking mitigation actions
- Determining the triggers that could realize the risk
- Ensuring that risks are reviewed and approved by organizational decision makers
- Factoring risk into various decisions around project management, exceptions, security control implementations, etc.
- Performing risk assessments for new threats
What are the benefits?
A strong risk management program results in multiple benefits for an organization; to include:
- Understanding the overall risk to the organization for improved situational awareness
- Pro-actively reducing risk by applying mitigations
- Avoiding trigger events to keep risks from being realized
- Improving accountability for accepting risk
- Achieving an integrated view of risk across various data silos
- Evergreening risk assessments over time as threats change
How do I use it?
The risk management module in RegScale Community Edition (CE) provides a number of key features that are useful in managing a robust program, to include:
- Tracking the status of risks over their lifecycle
- Analyzing risk and applying mitigations
- Tracking related mitigation actions and evidence
- Establishing risk mitigation strategies (i.e. accept, avoid, mitigate)
- Real-time tracking and dashboards
- Automation via our Application Programming Interfaces (APIs)
- Single pane of glass assignment tracking via our work bench
- Automated workflows for review and acceptance of risks
- Interactive timeline builder
- Social collaboration via our News Feed (LinkedIn for Compliance) and real-time commenting system
- Secure document management with our file upload and encryption system
- Audit history including every view, update, print, email, etc.
For our Enterprise Edition (EE) customers, you get all the great features above, plus we add:
- Ability to create custom fields to extend the schema and build out customer specific data entry forms
- Integration with Microsoft Teams and Slack for real-time collaboration
- Ability to host a multi-tenant version to segregate data by site, customer, organization, etc. to run many different risk management programs with complete data isolation from a single installation
- Real-time interactive dashboard with Microsoft PowerBI AddOn
RegScale (as of version 3.3.0) now supports risk lens analysis to categorize risk based on their impacts across multiple areas:
- Business Risk
- Operational Risk
- Safety Risk
- Security Risk
- Quality Risk
- Environmental/Sustainability Risk
- Reputation Risk
- Compliance/Regulatory Risk
By viewing risk through multiple lenses, RegScale can now model impacts to risk beyond basic probability and consequence where discrete impacts across multiple areas can be considered as part of a comprehensive risk management program.
As of version 3.3.0, RegScale allows trending risks over time versus the previous snapshot in time approach. This capability allows customers to create trend entries on a periodic basis (i.e. monthly, quarterly, etc.) to model changes in risk and their potential impacts to the company or a project's cost and schedule.
Updated 3 months ago