What is Process Risk and Control in GRC and IRM product?

Tejas9 · ‎08-19-2024

What is Process Risk and Control in GRC and IRM Product?
Can anyone explain with an example?

Does it mean that how business processes are related to risk and control?

Community Alums · ‎08-19-2024

Hi @Tejas9 ,

It all starts with Control objective, which means when you add a risk statement and entity typre of "business process" to controls gets generated and it has it's own lifecycle, similarly when you add entity type to risk statement, then associated risks gets generated.

Example :

I am going to add the business process entity type to to control objective :

Now, if you see there are multiple controls gets generated :

Now, the control will follow it's lifecycle :

Now, We do the same for Risk Statements:

Now, Risk will have it's own lifecycle:

View solution in original post

Community Alums · ‎08-20-2024

Hi @Tejas9 ,

View solution in original post

Community Alums · ‎08-19-2024

Hi @Tejas9 ,

It all starts with Control objective, which means when you add a risk statement and entity typre of "business process" to controls gets generated and it has it's own lifecycle, similarly when you add entity type to risk statement, then associated risks gets generated.

Example :

I am going to add the business process entity type to to control objective :

Now, if you see there are multiple controls gets generated :

Now, the control will follow it's lifecycle :

Now, We do the same for Risk Statements:

Now, Risk will have it's own lifecycle:

Community Alums · ‎08-20-2024

Hi @Tejas9 ,