Incident Management

Incidents are situations or occurrences that effect an organization resulting in actual financial losses at a given point in time. Examples of incidents include internal theft/fraud or a natural disaster. Organizations track incidents to identify potential risks, providing an objective risk measurement and serves as a catalyst for risk management strategies, action plans and controls based on the occurrence of these events.

While incidents can be traced back to a single incident date, multiple impacts of an incident may occur over a period of time. For this reason, each incident is comprised of one or more impacts that describe the effect of the loss on the organization. For example, a natural disaster could result in an incident with multiple impacts (e.g. damage to facility, damage to technology infrastructure, insurance recovery).

The Incidents tab is used to track incidents that have occurred within an entity (organization, process, IT application, project/event) within the Governance Portal. Incident tracking allows users to determine risk profiles by evaluating past losses and collecting data for compliance reporting.

The Incidents Management module provides a comprehensive solution for incident management, including:

Capture of internal, external, near-miss, and estimated loss data
Perform advanced user-definition of incident attributes
Aggregation of losses to multiple user-defined reporting hierarchies (e.g. Basel business lines, management reporting, legal entity structure)
Organization of loss information by your common risk event model
Multi-currency translation
Create audit trails to track loss event updates, reviews, and approvals
Perform risk scenario analysis by creating fictitious incidents.

In addition, users can compare actual losses with estimated risk profiles to provide an accurate picture of risk within your organization. From this, users can manage mitigation steps, identify root causes and assign accountability to appropriate organization(s) and process units.