Download the HOPEX Enterprise Risk Management datasheet

HOPEX ENTERPRISE RISK MANAGEMENT
Streamline your risk management process and support risk governance throughout the enterprise
THE MEGA ENTERPRISE RISK MANAGEMENT SOLUTION
HOPEX ERM helps manage the broad spectrum of risks and associated activities across the organization from risk identification to reporting - while ensuring data consistency and quality.
MEGA helps risk management teams:
Improve ERM quality and effectiveness
Set up and manage a structured risk library where all changes are
tracked in the shared repository, helping to facilitate audits. Automated
risk self-assessment questionnaires reduce risk managers’ workloads so
they can focus on the least-repetitive tasks.
Assess risks in collaboration with business users
Collect business user input to help assess risks and controls. A collaborative workspace makes it easy for multiple departments to work together.
Each participant in the process has a specific interface showing only
the information that is associated with that user’s responsibilities. All
exchanges between risk managers and business users can be tracked
and automated.
Automate consolidation and communication of risk exposure
Leverage a variety of reports and dashboards to monitor risk status, compliance, and the implementation of appropriate controls. An advanced
aggregation engine calculates consolidated risks for each business unit
or business process. Email and alert capabilities facilitate the communication of information to all stakeholders.
Risk Management Reports
Powered by H
PE X
BENEFITS
• Easily assess high priority
risks through key risk
indicator (KRI) tracking
• Eliminate silos and
redundancies by leveraging
a central repository to
store all risk, process, and
compliance data
• Faster response times
through automated
assessment campaigns,
questionnaires, alerts,
reminders, and workflows
• Protect against future
losses and negative
business impacts through
scenario analysis
• Deliver actionable reports
and analyses for process
optimization and
governance
Aggregation of Risk Level
KEY FEATURES
Based on MEGA’s HOPEX platform, HOPEX Enterprise Risk Management supports the risk management process from
end-to-end and seamlessly integrates with other components of MEGA’s GRC solutions.
Identification Phase: Identifying risks and setting up a risk library
Identifying risks
•Support a bottom-up or top-down risk identification approach
•Risks are mapped in relationship to their context (business processes and business units) using graphical risk mapping
capabilities
Setting up and managing a risk library
•Set up a risk library where risks are identified and described in depth, including links to controls and objectives
•Indicators, as well as analytical and summary reports, are generated to facilitate risk library management
Risk Assessment Phase: Measuring and consolidating risks
Assessing risks
•Risk are assessed by experts or a Risk and Control Self-Assessment (RCSA)
•Establish key risk indicators (KRIs) that are updated by business users through self-assessment questionnaires
Consolidating risks
•The different measurements for a given risk are aggregated, and exposure to the risk is automatically calculated for
each business process, business unit, and type of risk
•Future risk exposure is forecasted based on measurements from previous years and the implementation of action items
Risk Treatment Phase: Monitoring risks and following up on action plans
Monitoring risks with appropriate controls
•The response to each risk is determined: accept as-is, reduce, provision, or insure
•Appropriate controls and action plans to reduce the risk are defined and implemented
Following up on action plans
•Reports are generated to facilitate the tracking of progress on action plans
•The effectiveness of action plans is measured by comparing the inherent and residual risk exposure
LEVERAGING SYNERGIES BETWEEN DEPARTMENTS
MEGA’S GRC SOLUTIONS
www.mega.com
@mega_int
© MEGA International 2014
With MEGA’s four Corporate Governance solutions, risk managers can work within an enterprise-wide governance
framework, giving executives a 360° view over their operations. The solutions also allow action plans to be shared,
creating powerful synergies between risk management, compliance, internal control, and internal audit activities.
• Control testing and assessment results can be integrated into the RCSA process
• Compliance risk assessments can be reviewed to check the coherency of risks throughout the enterprise
• When a weakness is detected by internal audit, a high priority recommendation can be made on a risk to either trigger a
re-assessment or a re-test of this risk

Download Report