What is Risk

What is Risk

Risk is unavoidable, but it can be managed. With governance, risk, and compliance (GRC), businesses can strategically balance risk and opportunity. As global markets continue to impose new regulations, GRC help businesses:

  • Better manage compliance and risk
  • Better protect value - proactively avoid risk events; reduce cost of violations
  • Better perform - actively link risk and performance management and objectives

Successful companies manage performance across their enterprise using risk-balanced strategy management, through embedded risk-based controls in their business processes and by managing authorizations and access to information.

GRC provides insight into risk and compliance initiatives, minimize global trade violations, enable electronic tax invoicing for Brazil, and supply sustainability reporting. From financials to human resources, environmental concerns to trade management, GRC forsters efficiency.

Segregation of Duties (SoD) risk

A combination of two or more actions or permissions that, when assigned to a single employee, create a vulnerability. That is to say, in the case of two conflicting actions an employee may have permission to perform one of these actions, but not both.

Critical Action risk

Certain actions are, by their nature, inherently risky. Any employee who has permission to perform one of these actions automatically poses a risk. Defining a critical action risk ensures that any employee assinged this permission is identified by the risk analysis process.

Critical Permission risk

Just as some individual actions can be critical, the same is true for some permissions. Defining a critical permission risk ensures that risk analysis identifies any employee who has been assigned an action that includes a potentially risky permission.

The severity of a risk can be categorized as either:

  • Low
  • Medium
  • High
  • Critical

You use the Risk Level to categorize risks - and the rules they generate - by severity. What determines, for example, a critical risk is according to your company policies.

posted @ 2024-10-04 17:53  晨风_Eric  阅读(1)  评论(0)    收藏  举报