- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2024 05:17 AM
What is Process Risk and Control in GRC and IRM Product?
Can anyone explain with an example?
Does it mean that how business processes are related to risk and control?
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2024 06:45 PM
Hi @Tejas9 ,
It all starts with Control objective, which means when you add a risk statement and entity typre of "business process" to controls gets generated and it has it's own lifecycle, similarly when you add entity type to risk statement, then associated risks gets generated.
Example :
I am going to add the business process entity type to to control objective :
Now, if you see there are multiple controls gets generated :
Now, the control will follow it's lifecycle :
Now, We do the same for Risk Statements:
Now, Risk will have it's own lifecycle:

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2024 11:04 PM

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2024 06:45 PM
Hi @Tejas9 ,
It all starts with Control objective, which means when you add a risk statement and entity typre of "business process" to controls gets generated and it has it's own lifecycle, similarly when you add entity type to risk statement, then associated risks gets generated.
Example :
I am going to add the business process entity type to to control objective :
Now, if you see there are multiple controls gets generated :
Now, the control will follow it's lifecycle :
Now, We do the same for Risk Statements:
Now, Risk will have it's own lifecycle:

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-20-2024 11:04 PM