Cloud-based GRC Tools

View All
Request a Demo
Contact Us

Risk Management

Risk is intrinsic to every business and managing risk is an increasingly important business driver. The Risk Management module offers a cloud-based tool to centralize and streamline the administration of your risk management program, whether at the enterprise or line-of-business level. 

Based on the principles of ISO 31000:2009, Risk management - Principles and guidelines, the Risk Management module helps you establish context, assess risks (identify, analyze, and evaluate), treat risks, monitor and review risks, and communicate and consult on risks.
Assess. Treat. Monitor. Communicate.
  • Identify and document risks that may impact your business with standard and custom attributes, including Risk Name, Risk ID, Category, Owner, Risk Team, Description, Primary Objective, Secondary Objective, Review Frequency, etc.
    • Standard fields that include drop-downs or check-boxes are fully customizable with you information.
  • Analyze risks by defining inherent risk levels, identifying existing controls, and determining the resulting residual risk levels.
    • Standard attributes include, Inherent Risk Level (a calculated field based on the Likelihood of the risk happening and potential Impact), Mitigators/Controls, and Residual Risk Level (also calculated based on independent Likelihood and Impact).
    • Risk Levels are color-coded for a quick visual analysis.(Risk level calculations and color-coding are customizable to meet risk matrix settings.)
  • Evaluate the controls and mitigators in place and the resulting residual risk level to determine whether the risk is acceptable or unacceptable based on attitude, appetite and tolerance for risk.
  • Ensure that effective strategies are in place to minimize the frequency and severity of each risk with defined Action Plans.

Monitor and Review
  • Ensure structured reviews and regular monitoring occur with standard and customized workflow processes.

Communicate and Consult
  • Communicate and consult with internal and external stakeholders via convenient dashboards, heat maps, and other reports.


  1. Centralized Management
    Centralized Management
    One location for managing (and viewing) all identified Risks.
  2. Flexible Dashboard Reporting
    Flexible Dashboard Reporting
    Pie charts, bar graphs, and heat maps help to get a quick look at current risk levels.
  3. Standard and Custom Workflows
    Standard and Custom Workflows
    Monitor Risk reviews with standard and custom workflows including issue tracking and action plans.
  4. Custom Risk Attributes
    Custom Risk Attributes
    Create a unique risk profile with standard and custom attributes.
  5. Color-coded Risk Levels
    Color-coded Risk Levels
    Color code risk levels to easily identify problem areas.
  6. Custom Views
    Custom Views
    Create private and shared views based on your filters and columns to be displayed.