Protecht Advisory

Specialists in Financial and Operational Risk Management

Web-based Operational Risk Management System (WORMS)

E-mail Print PDF

Web-based Operational Risk Management SystemA fully-integrated web-based operational risk management software, WORMSTM is designed to provide you with an easy to implement enterprise-wide risk management and compliance solution that is based on best practice operational risk management. This cross-functional system enables you to identify, evaluate and manage your organisation's risks and compliance.

It contains all elements of total enterprise risk management covering:

  • Risk and control self assessment
  • Compliance and control attestation
  • Incident Recording (OHS, Fraud, Security...)
  • Key Risk Indicators (KRIs)
  • Action tracking
  • Comprehensive and flexible reporting
  • Flexible workflow rules for monitoring and escalation of the above features
 Learn more about WORMS:

WORMS is scalable from the smallest corporate to the largest bank and can come pre-populated with many risks, controls and key risk indicators relevant to your business.

Back to top

Key Features of the WORMS Software

Protecht's Web-based Operational Risk Management System is created by practitioners who take enterprise-wide risk management further through innovative approaches. To help your organisation adapt to industry developments, we have integrated the following key features to WORMS:

  • System access via a secure internet/intranet connection making company-wide deployment quick, convenient and easy.
  • Set-up flexibility that allows tailoring to your own organisational structures and policies.
  • Comprehensive self-assessment functionality that allows evaluation of your business unit risks and controls.
  • Key risk indicator monitoring and reporting to provide an ‘early warning system' for potential hotspots.
  • Comprehensive recording of loss events covering direct losses, indirect losses and near misses.
  • Flexible incident register design to allow any type of register to be created - OHS, Compliance Breach, Fraud, Security, Operational Risk Losses.
  • Compliance monitoring of all key controls by assigned.
  • Recording and follow up of risk mitigation action plans.
  • Online standard and customised dashboard reports.

Back to top

Benefits of Using our Operational Risk Management Software

  • Meet the requirements and expectations of your regulator and other stakeholders.
  • Reduce your operational risk and risk losses to improve your bottom line
  • Achieve best practice operational risk management in a rapid time frame.
  • Create a ‘corporate memory' of operational risk for current and future managers.
  • Carry out consistent high quality self-assessments across your organisation to identify and treat risk before it becomes a problem.
  • Monitor current risks through indicators so you can limit risk losses through prompt action.
  • Improve your risk culture.
  • Obtain objective evidence of control and regulatory compliance.
  • Improve your credit risk rating and reduce your insurance premium.
  • Generate clear and concise reports to senior management and board.

Our implementation service includes software installation, user training and methodology training. Ongoing support covers help desk and ongoing software upgrades to the risk management system.

Back to top

The WORMS Modules in Detail

All modules are integrated and use common data from central libraries of risk events, causes, controls and business units. In addition, all modules use the same action point tracking tool and feed in to a central reporting module to provide a truly integrated total operational risk management solution.

  1. SET UP

    Flexible business unit maintenance enables you to create any organisational hierarchy. Users can be assigned to one or many business units which enables the control of visible information to each user. Central libraries also exist in this module to record risks, causes and controls.

  2. RISK and CONTROL SELF ASSESSMENT

    This module allows users to select risks and controls from the central libraries for assessment. Objectives, critical success factors and processes can also be logged. Multiple approaches to self-assessment are catered for depending on your preference for assessing Inherent Risk, Residual Risk or Effectiveness of Controls. Control weaknesses can be identified and action plans recorded against each risk for subsequent follow up.

  3. COMPLIANCE (INTERNAL and EXTERNAL)

    The first component of the compliance module allows attestations of key controls documented in the risk and controls self assessments (RCSA) by business units. This part of the module facilitates attestations by Executive Management that the control environment has been operating effectively throughout the year. The controls selected for attestation feed directly from the RCSA process to save duplication of effort.

    The second component allows specific compliance questions relating to regulations, legislation, standards, policy and procedures to be assigned to business units for regular attestation. Questions are easily maintained in a ‘question' library and email notifications are sent to users to remind them when compliance questions are available to respond to. Compliance reporting be produced any level throughout the organisational hierarchy in a variety of formats.

  4. KEY RISK INDICATORS

    Choose from the existing inventory of Key Risk Indicators (KRIs) or create your own to produce a firm wide set of KRIs that can be assigned to business units for tracking at the click of the mouse. Intelligent or composite KRIs can be created from other KRIs to summarise group wide KRIs or convert data into more meaningful ratios.

    KRIs can be linked to one or many risks from the central risk library and aggregated to produce an overall risk score for the business unit they have been assigned to.

    Data entry reminder emails are automatically sent at a specific time to aid workflow. Reporting allows aggregation of KRIs to the highest level with the ability to drill down to the most detailed level.

  5. INCIDENT MANAGEMENT

    WORMS allows you to record any type of incident, hazard or issue in any register you can think of. The flexible incident register design module, allows you to create your own incident registers - OHS, Compliance Breach, Fraud, Security, Hazards, Customer Complaints, Product Recall. Whatever data you want recorded is limited only by your imagination.
    • Link incidents to the central risk and control libraries - record which control failed.
    • Create actions to improve controls or prevent the incident from occurring again
    • Attach supporting documents or images.
    • Create separate sections in the online recording forms to restrict view and entry rights by position.
    The reporting module allows cross register graphs and lists to be created on demand or scheduled on a regular basis.

  6. ACTION TRACKING

    The action tracking module allows the actions to be assigned to any user with the following fields and functions:
    • Priority, status, due date, supervisor, action plan and improvement.
    • Automatic email notification that an action has been assigned, due within a specified number of days or overdue.
    • Work log audit trail for any change to the action.

    Completion of actions can be tracked through workflow email notification or scheduled status reports.

  7. REPORTING

    This operational risk management software employs a combination of proforma standard reports and user-defined reports. These can either be run instantly, or scheduled to be emailed to WORMS users on a periodic basis defined by you. All reports can be provided online, in any Microsoft Office format (Excel, Word, Powerpoint) or PDF for management and board reports. Dashboard reporting with drill down capability allows high level summary and aggregated reporting combined with the ability to drill down to the granular level data as required.

Other features include:

  1. The availability of audit tools including audit questionnaires, audit point recording and follow up and audit risk assessments.
  2. A document library, which enables the storage of documents and other files (pictures, sound files etc) to be attached to various points across the system.
  3. The ability to set up of workflow rules which can be applied across the system to enable automated escalations and notifications based on user-defined rules.

Back to top

More Information

We'd love to show you more ways how our Web-based Operational Risk Management System can help your organisation. Please contact This e-mail address is being protected from spambots. You need JavaScript enabled to view it or This e-mail address is being protected from spambots. You need JavaScript enabled to view it to enquire about an online or one-on-one demonstration of this risk management software.

In a hurry? Bookmark this page or download the WORMS brochure (1MB) to see actual screen captures!

 

Upcoming Training

Operational Risk Management for Financial Institutions
Monday, Sep 6, 2010 - Tuesday, Sep 7, 2010
Risk & Control Self Assessment - Workshop
Monday, Sep 13, 2010
Key Risk Indicators - Workshop
Tuesday, Sep 14, 2010
Enterprise Risk Management for Funds Management
Wednesday, Sep 15, 2010

Search

Users

  • Linked In Group: 2701793
  • Twitter: protecht_risk