Forwood Enterprise Risk Assurance is delivered as a Software as a Service (SaaS), and has been designed and built to enable the effective management of all risks in an organization. This includes as a minimum health & safety, environment, legal, finance, reputation, and community.
Forwood Enterprise Risk Assurance is a fully integrated solution that uses the latest cutting edge technology. The system facilitates rapid access and insight into an organizations’ risk governance status and the effectiveness of identified and applied mitigation strategies and controls.
With a simple intuitive user interface the Forwood Enterprise Risk Assurance solution enables:
The assignment of accountabilities and ownership of organization material risks,
The development of Bow-ties and identification of critical controls,
The establishment of control performance criteria,
Control effectiveness profiling and testing,
Forwood is a Technology Partner with Amazon Web Services and all cloud hosting infrastructure is deployed on AWS.
The Forwood Enterprise Risk Assurance system consists of a large range of modules. A brief overview of the most common modules is detailed below:
Enterprise Master Data
The Enterprise Master Data module manages the entire company taxonomy and provides the basis for modelling your business details for the purpose of enterprise risk assurance. This is also where accountabilities such as risk and control owners are defined and managed.
The Risk Definition Module allows administrators to set the context for standardized risk and control management including Risk/Control Master Data and Critical Control Performance Standards.
The Risk Analysis Module is inclusive of the Initial Risk Assessments and Bow-tie Analysis. It enables a ‘best practice approach’ to be performed with Risk Identification and Evaluation.
The Risk Evaluation Module is used to evaluate risks with the goal to manage material risks to a tolerable level within the organization. Outputs from the Bow-ties are fully integrated with their preventative and mitigating controls. Scheduled Control Effectiveness Tests (CET’s) ensure that critical controls for enterprise risks are evaluated and monitored.
The Risk Evaluation Module is powered by a cascaded workflow, which guides the risk and control owners (and other stakeholders) through a continuous improvement cycle.
Action management is an integral part of all modules within the Enterprise Risk Assurance system. Actions are reportable by various roles such as the initiator, responsible person and their organizational structure. Actions have a direct link to risk reduction.
Reporting and Dashboards
The Reporting Module provides a multitude of predefined reports. The module also includes customizable dashboards at the enterprise level.