At its heart, the Nintex Promapp® Risk Manager connects identified business risks with the core processes that they affect and makes that information visible and relevant to the people who need to see it.
Rather than relegating risk content to dusty manuals, it’s present within the process documentation in an easy to access and understand cloud platform that teams engage with on a daily basis.
With risks connected to business processes, users can see at a glance what the danger is in any step – what the organization could be exposed to should something go wrong – and act accordingly. It makes the risk visible and provides a way for risk managers to engage the relevant teams in conversation if change needs to happen.
When changes are made to relevant processes, the risk managers are informed by email and in-app notification so they can address the potential changes and consider the implications of the update. Risk managers can also be added as process approvers, so they can review the potential exposure before changes are implemented and discuss the ramifications with other stakeholders and the process authors.
Making risk visible
The Nintex Promapp® risk feature makes it easy to see and understand the organization’s risk exposure. The risk heat-map shows at a glance where the existing risks sit in terms of severity and likelihood, and a modified view compares the same risks in their controlled state.
Each risk is assigned to a category, with classifications within those to clarify what specific circumstances the risk applies to. Risk portfolios like this can be set up to suit the shape and structure of your organization, with managers assigned to each.
Within these portfolios, the risk rating criteria and scores are customizable. That means the risk definitions are standardized across the business, but still customized within the portfolios, because a catastrophic risk in the manufacturing plant has a very different profile to a financial risk of the same magnitude.
By refining the categories and classifications, risk managers can indicate where those risks are likely to have the greatest impact, and through those categories produce granular reporting on things like compliance, environmental risk, financial risk, or specific operations.
When controls are decided, they’re associated with specific risks, either as a statement of what has been done or through a process that implements the control. Stakeholders sign off that the controls are in place, and can be required to provide evidence such as images or documentation to support the signoff and provide a complete audit trail for compliance measures.
Where the controls aren’t being observed, the users can mark non-compliance, and flag action for the risk manager to investigate.
Where a control links to a process, that process can easily be accessed with a click. The process indicates where the control comes into effect and why, with an easy-to-spot icon and pop-up information box.
The reference point also links back to the risk portfolio, meaning the information can be accessed from either end for a full picture of the risk and control relationship.
Manage risks with your processes
Understanding business risk is just the beginning of managing it. Having a strong and easy to use platform that integrates effective risk management with everyday processes is an essential step to ensure that what businesses recognize as hazards are understood and avoided at every level.
When risk managers, compliance experts, and front-line teams cooperate on risk management, it ensures that precautions are effective and both the operations and the enterprise itself are as secure as they can be.
Interested in learning more about the Nintex Platform and how it can help your business navigate risk management? Click here to request a live demo to see what Nintex can do for you.