Risk mitigation management

US 20050197952A1
Filed: 08/13/2004
Published: 09/08/2005
Est. Priority Date: 08/15/2003
Status: Abandoned Application

First Claim

Patent Images

1. A risk management and mitigation system comprising:

a risk data management module adapted to receive information associated with one or more risks;

a messaging module adapted to forward one or more messages to one or more users based on the information; and

a task module adapted to manage one or more actions associated with the one or more risks and one or more users, wherein the one or messages and the one or more actions provide a risk management framework.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Risk mitigation and management is provided through an executive management application for the active management of operational risks, derived from exposure to factors that threaten strategic objectives related to operations, strategy, regulation and recording priorities. This system is based on a architecture that automates the Committee Of Sponsoring Organizations (COSO) framework for enterprise risk management, using the objective, risk, control and actions (ORCA) methodology to actively manage risk at the business unit level. This business process and feedback mechanism actively isolates, evaluates and escalates risks and controls in an interactive, proactive and dynamic manor. Workflow, alerts, messaging and roles and permission profiles route risk information to all relevant entities to ensure enterprise-wide visibility of, for example, a companies overall risk exposure.

184 Citations

43 Claims

1. A risk management and mitigation system comprising:
- a risk data management module adapted to receive information associated with one or more risks;
  
  a messaging module adapted to forward one or more messages to one or more users based on the information; and
  
  a task module adapted to manage one or more actions associated with the one or more risks and one or more users, wherein the one or messages and the one or more actions provide a risk management framework.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The system of claim 1, further comprising a user module adapted to manage permissions associated with one or more users.
  - 3. The system of claim 1, further comprising a roles module adapted to assign and manage one or more roles associated with one or more users, wherein the roles are associated with a branch of an organizational structure.
  - 4. The system of claim 1, further comprising an organizational module adapted to receive and manage an organizational tree associated with an entity.
  - 5. The system of claim 1, further comprising a subscriptions management module adapted to manage one or more subscriptions, the one or more subscriptions specifying one or more roles or one or more users that receive notifications upon the occurrence of an event.
  - 6. The system of claim 5, wherein an event includes creation or modification of the information.
  - 7. The system of claim 1, further comprising an administration module adapted to perform one or more of system management, message management, notice management, roles management, settings management, user administration and organization management.
  - 8. The system of claim 1, wherein risk-defining classifications allow the one or more users to uniquely model compliance initiatives, risk assessment factors, and processes.
  - 9. The system of claim 1, further comprising a user interface adapted to display risk information, task information and notice information.
  - 10. The system of claim 9, wherein the one or more risks within the user interface can be sorted by business unit and risk type.
  - 11. The system of claim 1, further comprising a risk profile interface adapted to display ratings and scores associated with the one or more risks.
  - 12. The system of claim 11, wherein the ratings and scores can be one or more of graphically displayed, color coded, numerically represented and verbally summarized.
  - 13. The system of claim 1, further comprising a document management module adapted to receive and associate one or more documents with the one or more risks.
  - 14. The system of claim 1, wherein the one or more actions reflect corporate governance and risk management policies.
  - 15. The system of claim 1, wherein controls are associated with the one or more actions and outline one or more of internal and external business processes related to compliance, people, systems and threats.
  - 16. The system of claim 1, further comprising a loss event module adapted to track information related to one or more loss events.
  - 17. The system of claim 1, further comprising a history module capable of preserving any changes that occur within the risk management and mitigation system.
  - 18. The system of claim 1, wherein the one or more risks are associated with one or more objectives that relate to one or more of the areas of operations, regulations, strategy, governance and financial reporting.
  - 19. The system of claim 1, wherein the one or more actions are assigned to an assignee, an assignee interface being updated to reflect the one or more assigned actions.
  - 20. The system of claim 1, wherein the risk management and mitigation system is dynamically updated as the information associated with the one or more risks changes.

21. A risk management and mitigation method comprising:
- receiving information associated with one or more risks;
  
  forwarding one or more messages to one or more users based on the information; and
  
  managing one or more actions associated with the one or more risks and one or more users, wherein the one or messages and the one or more actions provide a risk management framework.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 33, 34, 35, 36, 37, 38, 39, 40)
- - 22. The method of claim 21, further comprising managing permissions associated with one or more users.
  - 23. The method of claim 21, further comprising assigning and managing one or more roles associated with one or more users, wherein the roles are associated with a branch of an organizational structure.
  - 24. The method of claim 21, further comprising receiving and managing an organizational tree associated with an entity.
  - 25. The method of claim 21, further comprising managing one or more subscriptions, the one or more subscriptions specifying one or more roles or one or more users that receive notifications upon the occurrence of an event.
  - 26. The method of claim 25, wherein an event includes creation or modification of the information.
  - 27. The method of claim 21, further comprising performing one or more of system management, message management, notice management, roles management, settings management, user administration and organization management.
  - 28. The method of claim 21, wherein risk-defining classifications allow the one or more users to uniquely model compliance initiatives, risk assessment factors, and processes.
  - 29. The method of claim 21, further comprising displaying risk information, task information and notice information.
  - 30. The method of claim 29, wherein the one or more risks within the user interface can be sorted by business unit and risk type.
  - 33. The method of claim 21, further comprising receiving and associating one or more documents with the one or more risks.
  - 34. The method of claim 21, wherein the one or more actions reflect corporate governance and risk management policies.
  - 35. The method of claim 21, wherein controls are associated with the one or more actions and outline one or more of internal and external business processes related to compliance, people, systems and threats.
  - 36. The method of claim 21, further comprising tracking information related to one or more loss events.
  - 37. The method of claim 21, further comprising a history module capable of preserving any changes that occur within the risk management and mitigation system.
  - 38. The method of claim 21, wherein the one or more risks are associated with one or more objectives that relate to one or more of the areas of operations, regulations, strategy, governance and financial reporting.
  - 39. The method of claim 21, wherein the one or more actions are assigned to an assignee, an assignee interface being updated to reflect the one or more assigned actions.
  - 40. The method of claim 21, further comprising dynamically updating the information associated with the one or more risks.

31. The method of claim 31, further comprising displaying ratings and scores associated with the one or more risks.
- View Dependent Claims (32)
- - 32. The method of claim 31, wherein the ratings and scores can be one or more of graphically displayed, color coded, numerically represented and verbally summarized.

41. A risk management and mitigation system comprising:
- means for receiving information associated with one or more risks;
  
  means for forwarding one or more messages to one or more users based on the information; and
  
  means for managing one or more actions associated with the one or more risks and one or more users, wherein the one or messages and the one or more actions provide a risk management framework.

42. An information storage media having information stored thereon to perform risk management and mitigation comprising:
- information that receives information associated with one or more risks;
  
  information that forwards one or more messages to one or more users based on the information; and
  
  information that manages one or more actions associated with the one or more risks and one or more users, wherein the one or messages and the one or more actions provide a risk management framework.

43. A testing and auditing method comprising ensuring oversight, testing auditing and certifying of a control environment in an automated, secure and audit trailed fashion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Providus Software Solutions, Inc. (Wolters Kluwer Nv)
Original Assignee
Providus Software Solutions, Inc. (Wolters Kluwer Nv)
Inventors
Stone, David, Shea, Edward, Haug, Ralf, Evans, Andy, Baechtold, Ed

Application Number

US10/917,368
Publication Number

US 20050197952A1
Time in Patent Office

Days
Field of Search
US Class Current

705/38
CPC Class Codes

G06Q 40/03 Credit; Loans; Processing t...

G06Q 40/08 Insurance

Risk mitigation management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

184 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Risk mitigation management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

184 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links