RiskMaster for Creatio

RiskMaster for Creatio application makes risk registration and management processes easy, transparent and manageable.

Use cases:

RiskMaster for Creatio is designed to be used as a single general register of risks for a company in any industry and of any size. It can be used both for management of a particular risk type (e.g. customer complaints) or management of an entire group of risks (like operational risks). Being closely linked to other Creatio objects (processes, persons, documents), it ensures maximum automation of incident and risk processing, provides any risk case investigation with full range of the necessary information, ensures control of execution of decisions aimed at risk mitigation.

The application can also be used to make operations of the internal audit service automatic, to register deficiencies detected in the course of internal or external audit, and to control elimination of the detected deficiencies. The universal functionality makes it a convenient tool for risk management service or company’s internal audit department.

Key features:

• Business objects
  Determine the components of your business that are subject to risks and require risk assessment in your company. We offer 4 categories by default: business processes, products, IT systems, suppliers. In each category, create cards of business objects and carry out risk assessment. Control them according to the set regulations in one place – all metrics, corrective measures (completed and planned), incidents, risk cases, referring to the particular business object. Regulations include risk assessment processes both for new business objects and for revaluation of existing ones.
   
• Risk and control self-assessment (RCSA)
  Initiate risk and control self-assessment process, in which both management and personnel of all levels collectively identify and assess risks and related consequence mitigation actions. It adds value through possibility for several departments to participate in risk management, risk exposure detection and defining corrective and mitigating actions. The current methodology allows for simultaneous management of inherent and residual risks.
   
• Registration and classification of risk
  Register and group registered risks. The functionality allows easy setup of individual classification of risks. For convenience of its further processing, control and result analysis, the risk card provides all the information about all business objects, for risk assessment of which this risk was chosen, as well as all incidents and risk cases related to this risk.
   
• Incident registration
  Register incidents indicating probable occurrence of risk. Ensure automated registration of an incident via email sent to a specifically created email address for risk case registration. Upon necessity, configure automated import of incidents (e.g. IT incidents) from external systems.
   
• Relations between incidents and risks
  Several incidents of one type can refer to one risk, as well as one incident can imply several different risks at once. Use a flexible incident and risk case grouping mechanism through relations.
   
• Online risk incident investigation case
  Upon necessity, initiate an online incident investigation. Request and receive an expert’s review online, receive explanation notes, documents and comments online as well. At the end make a decision on the need to register a risk or close the incident without registering the risk.
   
• Risk processing
  Request and receive an expert’s review online for the registered risk case, receive explanation notes, documents and comments online as well. Ensure loss registration and classification, if such incurred. Create a decision draft. Ensure online coordination and approval of a decision project and control execution of the decisions, closing the risk case afterwards.
   
• Register of incidents and risks
  Use the incident and risk case register for efficient risk management at the company. Sort incidents and risk cases by the source of reporting, risk types, business processes, persons responsible. Track the occurrence of new risks and incidents. Use search option to easily find the risk case or incident you want to see and view full information about it (history of registration and processing, explanatory notes, expert’s opinion, comments, documents, decision-making and history of execution of these decisions).
   
• Recordkeeping of complaints and claims
  Complaints and claims are unique cases of operational risk. Upon classification of the risk case, indicate the customer and view all complaints and claims related to this customer not only in the centralized risk register, but also directly in the customer’s file in Creatio.
   
• Planning preventive measures
  Define and plan the necessary preventative measures for risk mitigation. Based on the planned measures, according to schedule, the tasks are generated automatically for the employees responsible, as well as emails for notifying them. Use online process for controlling execution of tasks and approval of results
   
• Audit
  Register scheduled and extraordinary audits, using flexible mechanism of checklists, collection of documents and record of communication in the audit, as well as register results of the audit. Take into account the detected deficiencies and control execution of audit recommendations, draft reports on audit results for the management. Use an option to register results and control execution of recommendations of external audit or supervising institutions.