Data management for top-down risk based audit approach
First Claim
Patent Images
1. A method comprising:
- storing a first link that links a first risk to an account group in a first table in a data structure of a database;
storing a second link that links a second risk to a control objective in a second table in the data structure, wherein the control objective is an objective of a control for managing risk; and
performing, by a computing device, risk management by accessing both the first risk through the account group and the second risk through the control objective, wherein the risk management requires that the first risk is accessible due to the account group being accessed first from the data structure before accessing the first risk and the second risk is accessible due to the control objective being accessed first from the data structure before accessing the second risk, wherein performing risk management comprises;
accessing the account group from the data structure;
accessing the first link in the first table, the first link accessible via accessing the account group;
accessing the first risk using the first link, wherein the first risk is accessible due to the account group being accessed first from the data structure and then the first link being accessed via the account group and used to access the first risk;
accessing the control objective from the data structure;
accessing the second link in the second table, the second link accessible via the control objective; and
accessing the second risk using the second link, wherein the second risk is accessible due to the control objective being accessed first from the data structure and then the second link being accessed via the control objective and used to access the second risk.
2 Assignments
0 Petitions
Accused Products
Abstract
Particular embodiments generally relate to providing risk management. In one embodiment, a first risk is linked to an account group assertion in a data structure. A second risk is linked to a control objective in the data structure. Access to the first risk is granted through the account group'"'"'s assertion. Access to the second risk is granted through the control objective. Risk management is then performed using the accessed first risk and second risk.
28 Citations
20 Claims
-
1. A method comprising:
-
storing a first link that links a first risk to an account group in a first table in a data structure of a database; storing a second link that links a second risk to a control objective in a second table in the data structure, wherein the control objective is an objective of a control for managing risk; and performing, by a computing device, risk management by accessing both the first risk through the account group and the second risk through the control objective, wherein the risk management requires that the first risk is accessible due to the account group being accessed first from the data structure before accessing the first risk and the second risk is accessible due to the control objective being accessed first from the data structure before accessing the second risk, wherein performing risk management comprises; accessing the account group from the data structure; accessing the first link in the first table, the first link accessible via accessing the account group; accessing the first risk using the first link, wherein the first risk is accessible due to the account group being accessed first from the data structure and then the first link being accessed via the account group and used to access the first risk; accessing the control objective from the data structure; accessing the second link in the second table, the second link accessible via the control objective; and accessing the second risk using the second link, wherein the second risk is accessible due to the control objective being accessed first from the data structure and then the second link being accessed via the control objective and used to access the second risk. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to perform a method, the method comprising:
-
storing a first link that links a first risk to an account group in a first table in a data structure of a database; storing a second link that links a second risk to a control objective in a second table in the data structure, wherein the control objective is an objective of a control for managing risk; and performing risk management by accessing both the first risk through the account group and the second risk through the control objective, wherein the risk management requires that the first risk is accessible due to the account group being accessed first from the data structure before accessing the first risk and the second risk is accessible due to the control objective being accessed first from the data structure before accessing the second risk, wherein performing risk management comprises; accessing the account group from the data structure; accessing the first link in the first table, the first link accessible via accessing the account group; accessing the first risk using the first link, wherein the first risk is accessible due to the account group being accessed first from the data structure and then the first link being accessed via the account group and used to access the first risk; accessing the control objective from the data structure; accessing the second link in the second table, the second link accessible via the control objective; and accessing the second risk using the second link, wherein the second risk is accessible due to the control objective being accessed first from the data structure and then the second link being accessed via the control objective and used to access the second risk. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. An apparatus comprising:
-
one or more computer processors; and a computer-readable storage medium comprising instructions for controlling the one or more computer processors to be operable for; storing a first link that links a first risk to an account group in a first table in a data structure of a database; storing a second link that links a second risk to a control objective in a second table in the data structure, wherein the control objective is an objective of a control for managing risk; and performing risk management by accessing both the first risk through the account group and the second risk through the control objective, wherein the risk management requires that the first risk is accessible due to the account group being accessed first from the data structure before accessing the first risk and the second risk is accessible due to the control objective being accessed first from the data structure before accessing the second risk, wherein performing risk management comprises; accessing the account group from the data structure; accessing the first link in the first table, the first link accessible via accessing the account group; accessing the first risk using the first link, wherein the first risk is accessible due to the account group being accessed first from the data structure and then the first link being accessed via the account group and used to access the first risk; accessing the control objective from the data structure; accessing the second link in the second table, the second link accessible via the control objective; and accessing the second risk using the second link, wherein the second risk is accessible due to the control objective being accessed first from the data structure and then the second link being accessed via the control objective and used to access the second risk.
-
Specification