Enterprise Risk Management
Closely aligned with the risk management process from ISO 31000, Abriska® 31000 was designed to provide organisations with an intuitive tool for assessing and managing all types of risk from different functions and departments.
Its purpose is to ensures that risk management is an integral part of management and governance, is embedded into the culture and practices, and is tailored to the needs of an organisation.
You will find the configuration options vary to that within the RA Management for the Information Security 27001 module.
Initial Setup
Organisation setup steps can be followed from our general Organisation Setup page.
Abriska 31000 Process Overview
- ISO 31000 Process Overview
- Enterprise Risk Management Setup
- Using the Enterprise Risk Register
- Generating Reports
Read Only Risks
This new functionality, available from October 2022, allows identified and analysed risks to be shared with other divisions.
Risk Register Division Share
Risk owners and organisation admins can share a risk to all divisions allowing them to be aware of other risks and instead of producing a new similar risk, this can be copied and altered to suit another divisions analysis (likelihood + impact).
Copy Risk to My Division
To copy a risk, click 'Copy to My Division' in the blue box at the top of the page when viewing the risk. This will open a modal window asking you to select the division to copy to and set the risk owner. Upon submission you will be taken to that new (copied) risk where you can then make edits to the analysis and evaluation, treatment and actions.
All copies of a risk will automatically be linked so that the original and and subsequent scoring can be viewed.
A new notification will be added to highlight how many shared risks there are.
How to activate Read Only Risks
Organisation admins can turn on this feature from: Risk Assessment > RA Management > Configuration > Risk Register Config. Turn the radio toggle to green for 'Read Only Control'.
Risk Register Config
Video
How to add enterprise risks to the risk register for Abriska 31000
The Risk Register within the ERM module contains different options within the Risk Detail tab, for more information please see the Risk Register Enterprise Risk Management page.