Learn More
- Covalent CPM Overview
- Key Performance Indicators (KPIs)
- Action Plans/Projects
- Compliance
- Strategies
- Complaints & Feedback
- Consultations
- Reports
- Web Publishing
- Views
- What is CPM software?
- The Covalent approach to CPM
- The benefits that Covalent CPM delivers
- Why specialist CPM software?
- CPM Screenshots
- Covalent CPM Customers
Next Steps
Ezine
Covalent Risks - Mitigate high impact/likelihood business risks
Covalent Risks brings your risk registers to life with traffic-lighting that focuses risk owners' attention on areas of concern and enables them to track progress with mitigation actions and continuously monitor effectiveness of internal controls.
- Everyone uses a consistent risk assessment method. Covalent enforces a consistent scoring approach on a matrix mapping likelihood of risk occurrence and risk impact. This makes it easy to compare risk profiles across the organisation on the same basis. Staff understand the process better with this powerful tool can bring risk management into their day-to-day work.
- Proactively manage risks, with regular reassessments. Covalent constantly tracks against due dates and emails reminders to owners when a risk is due for re-assessment or alerts when things change that they need to know about. This saves massive time and effort continually checking progress with people by phone or personal email.
- Monitor effectiveness of internal controls. Register details of the internal controls that have been put in place and the assessment of their effectiveness. Consolidate all supporting information, such as risk profile, risk factors or potential effect.
- Track progress on mitigation action plans. Create actions to mitigate or reduce the impact of certain risks. Each action is specified with a deadline date, and assigned to a particular person, so Covalent can tell you at any time whether that action is completed or what progress has been made with it.
Risk repository
Organise your risk registers in a tree hierarchy mirroring your organisation's risk management framework. Identify issues at a glance with traffic-lighting that brings your risk registers to life and focuses people's attention on areas of concern. Give risk owners personalised, one-click access to risks they're responsible for, with exception reporting to highlight changes.
Objectives based risks
Map risks to corporate or service objectives to assess the impact of individual risks on achieving those objectives. Provide leaders complete oversight of objectives performance at all organisational levels. Give managers clear visibility of the objectives and risks within their domain, and their contribution to the bigger picture.
Heat map
Assess risks on a likelihood/impact matrix, with each cell position traffic-lighted and equivalent to an overall risk score. At the risk register level, a heat map shows a count of the number of risks for each of the risk scores. Review the dates, status and outcome of all previously conducted risk assessments. Create a pre-defined schedule, with due dates, for re-assessing risks, against which the email reminders will be sent to risk owners.
Risk profile
Record profile information such as risk factors, potential effect, guidance and internal controls in place for each risk. Record separate scores for original (inherent), current (residual) and target risk scores, with different review dates for each.
Remedial controls
Evaluate risks to determine whether the risks are acceptable (to be monitored and periodically reviewed) or unacceptable (and to be further controlled). Specify how the risk will be handled (e.g. treat, terminate, tolerate, transfer) by selecting from a configurable drop-down list. Define mitigation controls by referencing the COSO Internal Controls framework. Monitor effectiveness of internal controls that have been put in place and check whether a specific control was tested and now requires a remedial action plan.
Treatment plans
Specify how the risk will be handled (e.g. treat, terminate, tolerate, transfer) by selecting from a configurable drop-down list. Create actions to mitigate or reduce the impact of certain risks. Specify a deadline date for each action, and assign to a particular person. Continuously monitor the effectively on internal controls.
Key risk indicators (KRIs)
Create KRIs to act as early warning signals of potential risk situations before an event actually occurs. Record indicator measurement data over time to highlight trends and changes in an organisation's risk profile. Specify KRI thresholds (red, amber and green levels) relative to target values. Aggregate multiple KRIs into an overall indicator for enhanced insight.
We've now moved all risk management onto Covalent from the old Excel based system. The great benefit is that PIs, Actions and Risks can be properly tied together so a risk has a mitigation action plan and indicator attached. Covalent makes all our risk schedules very accessible and is far better than what we had before.
It was very easy to draw up the framework, assessments of impact and likelihood were done live by a group using our video link, and even our Internal Auditor thought it was excellent.
