Request failed with status code 502

Risk Management

Learn how to implement Asset, Third Party and Business Risk Management in eramba. Given the large number of relationships that Risks have with other modules, this course is probably the longest in our entire curricula.

  • Episodes16
  • Duration5h 58m 50s
  • LanguagesEN
Episode 3

Problems & Solutions

Problems & Solutions

The key points are:

  • GRC (Governance, Risk, and Compliance) is a practice where every organization implements it slightly differently, similar to how companies approach sales or marketing.

  • In eramba, the core modules are risks, compliance management, and data privacy. These represent the "problems" that the organization needs to address.

  • The "solutions" in eramba are internal controls, policies, exceptions, and projects. These are used to address the problems identified in the core modules.

  • The first principle in eramba is to link the problems (risks, compliance requirements, data flows) to the solutions (controls, policies, exceptions, projects) that the organization has in place.

  • The second principle is the use of statuses to indicate whether the solutions are actually working as intended, such as whether policies have been reviewed, controls have been tested, and projects are on track.

  • The statuses are crucial because they provide visibility into whether the organization is truly addressing the problems it has identified, not just having solutions "on paper".