×

Method and system for managing risks

  • US 7,505,918 B1
  • Filed: 05/26/2006
  • Issued: 03/17/2009
  • Est. Priority Date: 05/26/2006
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for determining compliance with organizational business policies associated with a business risk, said method comprising:

  • a. a computer receiving a user selection of a business risk element from a business risk element list which is displayed to the user, said business risk element list being retrieved from a database coupled to said computer;

    b. in response to the selection of said business risk element, the computer retrieving one or more predetermined control procedures, the control procedures identified by an administrator as a means for complying with business policies associated with said selected business risk element;

    c. the computer associating said one or more predetermined control procedures with said selected business risk element, said predetermined control procedures being stored in said database;

    d. in response to the retrieving of the control procedures, the computer retrieving a weight assigned to each one of said predetermined control procedures, said weight being stored in said database;

    e. the computer receiving a user selection of a compliance rating for each said predetermined control procedure, the rating selected by the user indicating a level of compliance with each one of said predetermined control procedures, for each of said predetermined control procedures the level of compliance is a subjective rating selected from a rigid set of compliance ratings, the same set of compliance ratings is available for each of said predetermined control procedures; and

    f. the computer calculating a compliance score, said compliance score being a function of said assigned weights and said compliance ratings of said predetermined control procedures.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×