Risk management software, often linked closely with
compliance management software, is designed to lower the
overall risk and security implications that enterprises face.
Financial services firms are big users of risk management
products, as you would expect, and even
Rogue Trader Nick Leeson has warned them to make sure they have
it in place.
But other sectors also use
risk management tools to mitigate their risk.
How does risk management software work?
Risk management software works by identifying the
risks associated with a given set of assets and communicating
this risk to the business, often through on-screen dashboards.
It does this by collecting and collating data across the
enterprise IT system, and indicating where the risks lie.
Risk management applications also help businesses to manage
their IT risk through things like notifying them of security
breaches.
The software might also remind businesses to refresh their
security when events occur. In addition, risk management supports
business continuity by identifying potential and actual IT
breakdowns.
What are the challenges of implementing risk management?
From an IT perspective, companies will need to spend money on
linking separate systems to ensure overall risk can be seen at one
point. This involves using communications technology that can
adequately link the systems together in a way that makes sense of
all the risk data.
As well as the technology integration, organisations may well
need to be able to put a price on their risk, so the data can be of
use.
Also, they may need to overcome the different attitudes to risk
in different departments before spending on technology.
Where do the risks come from?
The sorts of risk that risk management applications have
traditionally dealt with has centred on financial risks, such as
credit risk, interest rate risk, or uncertainty in financial
markets.
However, the software can also cover
project failures, legal liabilities,
accidents, natural causes and disasters as well as deliberate
attacks from an adversary.
Who uses risk management software?
Many financial organisations, including retail and investment
banks, use risk management and compliance software. The reasons for
using risk systems varies from mitigating risks from financial
investments to covering security breaches and breaks in business
continuity.
But apart from banking and financial services, many other key
sectors use risk software. These include
IT and telecoms firms; the energy sector; government and public
sector bodies, and the insurance sector.
Are financial firms required to use the software?
Yes. Risk management is essential to financial services firms
because it is enforced by the
Basel 2
accord which
came into force in January 2008.
The international regulation requires that banks ensure they
have enough cash reserves to cover the financial cost of problems
in the business, including fraud and IT failures.
As a result, the main integrated financial trading systems, such
as Misys Summit, Calypso, and Murex, have risk management and
compliance at the heart of their platforms.
Resources: Leading risk management software firms
- SaS for
Enterprise Risk Management
SaS has a risk management platform that is targeted at a number of
industries including insurance, energy and government. -
IBM Enterprise Risk Management
IBM’s enterprise risk management and compliance suite is based on
Cognos business intelligence. The software offers management
reports, dashboards, scorecards, alerts and notifications. - Symbiant Risk
Suite
Symbiant’s Risk Suite is web-based and allows different parts of a
company to collaborate on risk initiatives. - Methodware ERA
Methodware ERA allows firms to integrate their risk assessments,
internal audits, compliance initiatives and corporate governance
through one tool. It is able to generate reports and analysis. - Syntex
Companies such as ExxonMobil, Schlumberger and Royal Dutch Shell
use Syntex’s enterprise risk management software. It can be used to
improve operational, quality, environmental, health, safety and
security risk. - Strategic Thought
Strategic Thought’s Active Risk Manager (ARM) is an enterprise risk
management suite which started off as a project risk management
product. It now has operational risk management capability, as well
as business continuity, and governance and compliance. - Misys
Misys Summit is a well-established integrated financial trading
system, used by many of the world’s leading banks. It has risk
management at its core. - Murex
Murex is another well-established integrated financial trading
system, used by many of the world’s leading banks. Murex is also
based on a platform that has risk management at its heart. - Calypso
Calypso is a modular Java-based financial trading system which has
financial risk management at a key component. It is used by major
banks across the world.