Risk Taxonomy
What is a Risk Taxonomy?
To make managing enterprise-wide risk simple and practical, you need to take complex material, break it down, and make it accessible for anyone in the organization.
Taxonomy is the practice and science of naming, classifying, and defining relationships between resources, risks, goals and business processes in the enterprise. Without a risk taxonomy, or a risk breakdown structure, or operational risk event classification you can’t compare different types of risks across the enterprise because there is no common set of standards and way to manage relationships between different data types. If each area of the business uses its own terms to identify and classify risk, then the aggregated information will be subjective, incomplete, redundant, or flawed. In other words, without an ERM taxonomy, each silo and level within each silo is speaking a different “dialect of risk.”
How will a Risk Taxonomy framework help me?
With LogicManager you can help everyone speak the same dialect of risk to uncover opportunities and liabilities that are hidden within levels of each silo of your organization today.LogicManager’s patent–pending taxonomy technology makes it easy to create a common framework for all risks, readiness standards and balance scorecard objectives. Built–in libraries for use across the enterprise connects how a risk event in one functional area also affects other functional areas within your business.
LogicManager enables you to see inside your business processes to better allocate resources. Only LogicManager associates all the building blocks of your organization, such as vendors, IT & physical assets, used within a process, to specific risks, operating procedures and compliance activities.
Common, Centralized Repositories
LogicManager’s Taxonomy enables you to create structured, centralized repositories of all elements within your organization.- Business Processes
- Risks
- Goals
- Requirements
- Relationships – Vendors, Customers, Third-Parties
- Software Applications
- Physical Assets – Buildings, Servers, Data Centers, Plants, Equipment, Tools
- Data Repositories
- People
- Policies
- User Defined Applications – Models, Excel workbooks not tested by IT
- Create Central Profile of Information – Use our pre-defined fields or completely customize data collection fields for your organization’s needs. This allows you to collect and create a central Profile of information around each of these areas. For example, for Vendors capture contract renewal terms, and for Business Processes capture Recovery Time Objectives.
- Document Management – Ability to upload documents, link to shared applications, with version control and permission rights so that you can centrally store all information related to these areas. For example, store contracts and SSAE16 for Vendors, and leases for Physical Assets.
- Task Management – Create automatic reminder email triggers for due dates, renewal dates, monitoring dates, approvals, and change notifications
- Assessment Scoring – Use our pre-defined best practice assessment factors for each of these elements, or develop your own, enabling organizations to rate these elements to determine priority and criticality. Access scoring criteria and allow users to input explanations. You are able to view all assessment information historically to understand change and trends over time. For example, Risk Assess your Vendors, and conduct Business Impact Analysis for Business Processes.
Make & Manage Relationships
Through drag-and-drop, link each of these elements to any other element to create the network of resource relationships for your organization. For example, easily keep track of which Vendor provides which Applications, which Business Processes rely on these Applications, and which Employees within that Business Process should have access to the Application.LogicManager identifies the stuff the organization should worry about before surprises can occur, manages those things all in one place with everything connected to provide assurance up and down the line that these things are actually being done effectively.
The system knows that if you are worried about the same things, rely on the same resources, or are in an adjunct area, then you are connected and alerts people on important changes to things that they are connected to.
LogicManager achieves this by building the network of connections and data for your organization by linking together everyone’s individual pieces as they are contributed, just as Facebook or LinkedIn do socially, to provide insight and prioritize what needs to be done.
LogicManager even provides you with content to alert you to important changes in your industry and be prepared, so you know who and what resources are connected to an issue and need to be involved to get issues resolved and the priority.
Learn exactly what those building blocks are, what data is needed and where it is located. Visit our Knowledge Center to learn how taxonomy management makes it possible for a common platform to manage all types of risks across and within all business areas of your organization.
