Non-determinative risk simulation
First Claim
1. A computer implemented method of assessing risk associated with one or more assets for a business enterprise by comparing a non-determinative real risk score with a non-determinative simulated risk score, comprising the steps of:
- providing a compliance management system on one or more computers, wherein said one or more computers are connected to a network of said assets for allowing said compliance management system to access said network;
selecting an asset from said assets using the compliance management system;
providing a non-linear statistical data model, wherein said non-linear statistical data model is self-trainable using a feedback mechanism;
generating said non-determinative real risk score using the non-linear statistical data model by a risk analysis engine associated with the compliance management system, further comprising;
collecting one or more risk factors associated with said selected asset;
mapping the risk factors to risk factor values;
generating said non-determinative real risk score for the asset by providing said risk factor values to said non-linear statistical data model, the non-determinative real risk score being a measure of risk associated with the selected asset;
generating said non-determinative simulated risk score using the non-linear statistical data model by said risk analysis engine, comprising;
collecting one or more simulated risk factors associated with the selected asset, wherein the simulated risk factors further comprise one or more of simulated risk factors received by a risk simulation module and risk factors configured by a user using a user interface;
mapping said simulated risk factors to simulated asset risk values;
generating said non-determinative simulated risk score using said simulated asset risk values, wherein the non-determinative simulated risk score is a simulated measure of risk associated with the selected asset if the selected asset were to be associated with the simulated risk factors; and
,assessing said risk of the selected asset using the compliance management system, wherein said step of assessing the risk comprises comparing the non-determinative real risk score with the non-determinative simulated risk score by one or more of the compliance management system and said user of the compliance management system using said user interface;
whereby assessing the risk of the selected asset by comparing the non-determinative real risk score with the non-determinative simulated risk score enables the user to manage risk and compliancy of the assets of said business enterprise.
9 Assignments
0 Petitions
Accused Products
Abstract
Simulating risk circumstances can reveal new information to risk assessment personnel about how to mitigate risk. In one embodiment, the present invention includes selecting an asset from a plurality of heterogeneous assets of a business enterprise. The user can then input a plurality of simulated risk factors for the selected asset into the system which receives this input. The risk assessment system can then generate a non-determinative simulated risk score using the simulated risk factors, the simulated risk score being a simulated measure of risk associated with the selected asset if the selected asset were to be associated with the plurality of simulated risk factors.
56 Citations
22 Claims
-
1. A computer implemented method of assessing risk associated with one or more assets for a business enterprise by comparing a non-determinative real risk score with a non-determinative simulated risk score, comprising the steps of:
-
providing a compliance management system on one or more computers, wherein said one or more computers are connected to a network of said assets for allowing said compliance management system to access said network; selecting an asset from said assets using the compliance management system; providing a non-linear statistical data model, wherein said non-linear statistical data model is self-trainable using a feedback mechanism; generating said non-determinative real risk score using the non-linear statistical data model by a risk analysis engine associated with the compliance management system, further comprising; collecting one or more risk factors associated with said selected asset; mapping the risk factors to risk factor values; generating said non-determinative real risk score for the asset by providing said risk factor values to said non-linear statistical data model, the non-determinative real risk score being a measure of risk associated with the selected asset; generating said non-determinative simulated risk score using the non-linear statistical data model by said risk analysis engine, comprising; collecting one or more simulated risk factors associated with the selected asset, wherein the simulated risk factors further comprise one or more of simulated risk factors received by a risk simulation module and risk factors configured by a user using a user interface; mapping said simulated risk factors to simulated asset risk values; generating said non-determinative simulated risk score using said simulated asset risk values, wherein the non-determinative simulated risk score is a simulated measure of risk associated with the selected asset if the selected asset were to be associated with the simulated risk factors; and
,assessing said risk of the selected asset using the compliance management system, wherein said step of assessing the risk comprises comparing the non-determinative real risk score with the non-determinative simulated risk score by one or more of the compliance management system and said user of the compliance management system using said user interface; whereby assessing the risk of the selected asset by comparing the non-determinative real risk score with the non-determinative simulated risk score enables the user to manage risk and compliancy of the assets of said business enterprise. - View Dependent Claims (2)
-
-
3. A graphical user interface on a computer system for assessing risk associated with a plurality of heterogeneous assets of a business enterprise, the graphical user interface comprising:
-
a graphical tool to allow a user to select an asset from said plurality of heterogeneous assets on said computer system; a display unit that displays a plurality of real risk factors associated with the asset; said display unit that displays a real risk score associated with the asset, the real risk score being a measure of risk associated with the asset; an input area to allow a user to input a plurality of simulated risk factors for the asset using an input device of the computer system; and said display unit that displays a non-determinative simulated risk score associated with the asset, the simulated risk score being a simulated measure of risk associated with the asset if the selected asset were to be associated with the plurality of simulated risk factors. - View Dependent Claims (4, 5, 6, 7)
-
-
8. An apparatus for assessing risk associated with one or more assets comprising:
a processor connected to a network of said assets for allowing said apparatus to access said network, said processor comprising; an asset module stored on the apparatus to collect information about an asset selected from a plurality of heterogeneous assets of a business enterprise; a risk assessment module stored on the apparatus to determine a plurality of risk factors from the collected information; a risk simulation module stored on the apparatus to receive a plurality of simulated risk factors associated with the selected asset; and a risk analysis engine stored on the apparatus to generate a non-determinative simulated risk score using the simulated risk factors, the simulated risk score being a simulated measure of risk associated with the selected asset if the selected asset were to be associated with the plurality of simulated risk factors. - View Dependent Claims (9, 10, 11)
-
12. A machine-readable medium having stored thereon data representing instructions that, when executed by a processor of a risk management system, cause the processor to perform operations comprising:
-
selecting an asset from a plurality of heterogeneous assets of a business enterprise; receiving a plurality of simulated risk factors associated with the selected asset; and generating a non-determinative simulated risk score using the simulated risk factors, the simulated risk score being a simulated measure of risk associated with the selected asset if the selected asset were to be associated with the plurality of simulated risk factors. - View Dependent Claims (13, 14, 15)
-
-
16. A computer implemented method of assessing risk associated with an asset in a business enterprise by comparing a non-determinative real risk score with a non-determinative simulated risk score, comprising the steps of:
-
providing a compliance management system on one or more computers, wherein said one or more computers are connected to a network of assets for allowing said compliance management system to access said network; receiving said asset using said compliance management system; associating one or more policies with the asset using the compliance management system; calculating a compliance score for the asset based on said associated policies; generating said non-determinative real risk score for the asset by a risk analysis engine based on said calculated compliance score using one or more non-linear statistical data models, wherein said non-linear statistical data models are self trainable using a feedback mechanism; generating said non-determinative simulated risk score for the asset by said risk analysis engine based on the calculated compliance score using said non-linear statistical data models; and comparing said determined non-determinative real risk score with said determined non-determinative simulated risk score by the compliance management system; whereby the risk is assessed for the asset to manage risk and compliancy of the asset. - View Dependent Claims (17, 18)
-
-
19. A computer implemented system for assessing risk associated with an asset in a business enterprise, comprising:
a compliance management system implemented on one or more computers, said one or more computers connected to a network of assets for allowing said compliance management system to access said network, said compliance management system comprising; an asset module stored on said one or more computers for receiving said asset; a policy module stored on said one or more computers for associating one or more policies with the asset and for calculating a compliance score for the asset based on said associated policies; a risk management module stored on said one or more computers for determining a non-determinative real risk score for the asset based on said calculated compliance score using a non-linear statistical data models and for determining a non-determinative simulated risk score for the asset based on the calculated compliance score using said non-linear statistical data models; and a user interface on said one or more computers for comparing said determined non-determinative real score with said determined non-determinative simulated risk score. - View Dependent Claims (20, 21)
-
22. A computer implemented method of assessing risk associated with one or more assets for a business enterprise by comparing a non-determinative real risk score with a non-determinative simulated risk score, comprising the steps of:
-
providing a compliance management system on one or more computers, wherein said one or more computers are connected to a network of said assets for allowing said compliance management system to access said network; selecting an asset from said assets using the compliance management system; providing a non-linear statistical data model, wherein said non-linear statistical data model is self-trainable using a feedback mechanism; generating said non-determinative real risk score using the non-linear statistical data model; generating said non-determinative simulated risk score using the non-linear statistical data model; and
,assessing said risk of the selected asset using the compliance management system, wherein said step of assessing the risk comprises comparing the non-determinative real risk score with the non-determinative simulated risk score by one or more of the compliance management system and said user of the compliance management system using a user interface; whereby assessing the risk of the selected asset by comparing the non-determinative real risk score with the non-determinative simulated risk score enables the user to manage risk and compliancy of the assets of said business enterprise.
-
Specification