System and method for risk detection reporting and infrastructure
First Claim
1. A system, comprising:
- a processor;
a memory coupled to the processor, wherein the memory containsdata regarding one or more supply chain elements stored in an electronic format in the memory, wherein a plurality of data relating to the one or more supply chain elements comprises a data instance, anda software program to be run by the processor that includes instructions that provide for the following;
categorizing the one or more supply chain elements each according to one or more risk categories, wherein each of the one or more risk categories comprises an associated range of values and the supply chain elements comprise a derived value whose magnitude indicates at least one of a relative degree of risk and risk of a particular type,accessing the memory to identify a first data instance,weighing the first data instance against at least one of the one or more risk categories to arrive at a value for such data instance under the at least one of the one or more risk categories against which the first data instance is weighed, wherein the value for the data instance under the at least one of the one or more risk categories against which the data instance is weighed varies depending on a selected risk policy of a plurality of risk policies, wherein each of the plurality of risk policies is defined by a plurality of risk categories, wherein each of the plurality of risk categories is defined by a range of values, wherein each of the plurality of risk policies comprises one or more predetermined values or ranges of values for one or more of the risk categories,determining each of the predetermined values or ranges of values based on the value of a threat times the probability of the occurrence of a threat outcome, wherein the occurrence of the threat is analyzed using the processor based on a source, transparency, character, logic and trust of the data relating to the one or more supply chain elements;
determining whether the first data instance is acceptable under a first risk policy, wherein acceptance is dependent on a combination of each value for such data instance under each of the one or more risk categories against which the first data instance is weighed as compared to the predetermined values or ranges of values of the selected risk policy.
15 Assignments
0 Petitions
Accused Products
Abstract
A method, a system, and a device for monitoring risks associated with at least one business process, including: evaluating at least one of a plurality of document instances, wherein each of the document instances includes, in association therewith, a plurality of document values, against a plurality of risk categories; implementing the plurality of risk categories pursuant to at least one acceptable risk policy approved for the at least one business process; and qualifying at least one of the at least one of the plurality of documents pursuant to an approval rating of the at least one document in at least one risk category. The system, method, and device efficiently monitor risk, and allow for flexibility in modifying or updating risk policy.
-
Citations
19 Claims
-
1. A system, comprising:
-
a processor; a memory coupled to the processor, wherein the memory contains data regarding one or more supply chain elements stored in an electronic format in the memory, wherein a plurality of data relating to the one or more supply chain elements comprises a data instance, and a software program to be run by the processor that includes instructions that provide for the following; categorizing the one or more supply chain elements each according to one or more risk categories, wherein each of the one or more risk categories comprises an associated range of values and the supply chain elements comprise a derived value whose magnitude indicates at least one of a relative degree of risk and risk of a particular type, accessing the memory to identify a first data instance, weighing the first data instance against at least one of the one or more risk categories to arrive at a value for such data instance under the at least one of the one or more risk categories against which the first data instance is weighed, wherein the value for the data instance under the at least one of the one or more risk categories against which the data instance is weighed varies depending on a selected risk policy of a plurality of risk policies, wherein each of the plurality of risk policies is defined by a plurality of risk categories, wherein each of the plurality of risk categories is defined by a range of values, wherein each of the plurality of risk policies comprises one or more predetermined values or ranges of values for one or more of the risk categories, determining each of the predetermined values or ranges of values based on the value of a threat times the probability of the occurrence of a threat outcome, wherein the occurrence of the threat is analyzed using the processor based on a source, transparency, character, logic and trust of the data relating to the one or more supply chain elements; determining whether the first data instance is acceptable under a first risk policy, wherein acceptance is dependent on a combination of each value for such data instance under each of the one or more risk categories against which the first data instance is weighed as compared to the predetermined values or ranges of values of the selected risk policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method implemented using a microprocessor running a software program stored in a memory, comprising:
-
accessing data regarding one or more supply chain elements stored in an electronic format in the memory, wherein a plurality of data relating to the one or more supply chain elements comprises a data instance; categorizing one or more supply chain elements each according to one or more risk categories via the microprocessor, wherein each of the one or more risk categories comprises an associated range of values and the supply chain elements comprise a derived value whose magnitude indicates at least one of a relative degree of risk and risk of a particular type; accessing the memory to identify a first data instance; weighing the first data instance against at least one of the one or more risk categories to arrive at a value for such data instance under the at least one of the one or more risk categories against which the first data instance is weighed, wherein the value for the data instance under the at least one of the one or more risk categories against which the data instance is weighed varies depending on a selected risk policy of a plurality of risk policies, wherein each of the plurality of risk policies is defined by a plurality of risk categories, wherein each of the plurality of risk categories is defined by a range of values, wherein each of the plurality of risk policies comprises one or more predetermined values or ranges of values for one or more of the risk categories; determining each of the predetermined values or ranges of values based on the value of a threat times the probability of the occurrence of a threat outcome, wherein the occurrence of the threat is analyzed using the processor based on a source, transparency, character, logic and trust of the data relating to the one or more supply chain elements; determining whether the first data instance is acceptable under a first risk policy, wherein acceptance is dependent on a combination of each value for such data instance under each of the one or more risk categories against which the first data instance is weighed as compared to the predetermined values or ranges of values of the selected risk policy.
-
Specification