|
Solution: Envision
Risks for Business |
|
Analyze, manage, develop and
capitalize on your risk analysis
|
 Operational
and financial risks
Risks on the
processes and activities of organizations: Financial - Real Estate - Health
...
The
method is based on the mapping of process and activities of organizations
whose failures can cause risks with financial consequences, delays,
deterioration in quality, image and so on.
Operational risk means the risk that the organization, its players and the
external environment pose to the organization (bank, real estate etc.)
See:
Operational and financial risks models
 Risk
analysis: an issue beyond the banking sector
Standardization work carried out in the banking sector have brought up to
date the concept of operational risk. If this risk by itself is not new,
changes in banking regulations replace it as a primary concern through the
standards commonly known as "Basel II".
Click on image to enlarge the
operational and financial risks models
The Basel II
Committee conducted a quantitative analysis of these risks on a hundred of
schools: the results indicate the frequency and cost of high operational
incidents. They generate an average of nearly 90 million euro loss. A more
detailed analysis shows that if the higher claims are also better covered
(fire, water damage), it is finally the diversity of risks not covered that
explains the importance of the final cost
Under the
circumstances, the risk analysis can be done independently of any prior
mapping or integrated with the mapping of business processes with
Envision Process. |
Documentation and prices
|
see also
|
|
Solution key points
|
Information leveraging solutions
tailored to each enterprise and its projects.
In France since 1989
 |
IT Risks analysis model
|
Envision Risks
IT includes two phases:
-
The
mapping of IT applications and systems (possibility of recovery if already
done)
This is the starting point of the risks analysis. It is a graphical
representation of IT applications, systems and networks.
-
Risk
analysis on the IT applications, systems and networks
-
Search for sources of hazard on the IT
applications and technical systems diagrams by crossing with the
typology list of risks
-
Qualitative and quantitative definition
of risk. Risk = Hazard * Frequency (probability) * * Acceptability
Severity (consequences)
-
Establishment of technical barriers and
procedures on events, with qualification and quantification (coverage,
cost, cost of the target) to make the risks acceptable. Monitoring the
impact of barriers on the criticality of risk G * P (* Gravity
Probability). Analysis of new risks possibly caused by the barriers
themself, to get the residual risk.
-
Barriers performance management:
cost of the barrier / Performance (coverage) / Cost of the target.
-
Negotiating levels of criticality and
ranking risks. Monitoring the evolution of criticality in relation to a
target.
-
Archiving incidents and corrections made
in the process - activities - barriers. Continuous reclassification of
risks criticality following the recorded incidents analysis (management
feedback integrated).
-
Automatic generation and real-time up to
date actions plan (barriers), dashboards and so on. Depending on your
format: HTML / Word / Excel or Internet / Intranet publication
Click on image to enlarge |
Business domains of the enterprise |
Domain's IT applications and hazards (risks) |
Entity's technical systems and hazards |
Hazard's failure tree of an IT application or a technical
system |
 |
|
|
CASE France copyright - 05/01/2016