Categorizing risks with the Governance, Risk, and Compliance: Predictive Intelligence plugin

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Categorizing risks with the Governance, Risk, and Compliance: Predictive Intelligence plugin

    The Governance, Risk, and Compliance: Predictive Intelligence plugin enhances risk management by automatically predicting and associating risk statements to orphan risks—risks that currently lack an assigned risk statement—in your organization's risk records. This AI-driven approach streamlines risk categorization, enabling more accurate aggregation and visibility into the organizational risk profile.

    Show full answer Show less

    Key Features

    • Automated Risk Statement Prediction: Uses artificial intelligence and machine learning similarity algorithms to compare risk names and descriptions with existing risk statements, recommending the most relevant matches.
    • Improved Accuracy and Efficiency: Reduces manual effort and errors associated with searching and selecting risk statements from a large risk library, minimizing incorrect risk categorization.
    • User Roles and Interactions:
      • Risk Users: Can view and associate recommended risk statements only when none are currently assigned to a risk record.
      • Risk Administrators: Configure and train similarity solutions tailored to organizational needs, leveraging the Predictive Intelligence plugin.

    Benefits

    • For Risk Owners: Facilitates grouping of orphan risks into manageable categories by correctly identifying associated risk statements.
    • For Risk Managers: Enhances visibility into the organization's risk profile by reducing orphan risks and enabling impact analysis of similar risks.
    • For Risk Administrators: Provides configuration control over the predictive models to align with organizational requirements.

    Setup and Requirements

    • Requires a risk administrator with the mladmin role to install and activate key applications and plugins: Risk Management, Risk Workspace, Predictive Intelligence, and Recommended Actions - Advanced.
    • The risk administrator must create and train a similarity machine-learning solution using at least 1,000 existing risk records for effective prediction.
    • Administrators can customize the default similarity solution to better fit their organization's specific risk categorization needs.

    By using the Governance, Risk, and Compliance: Predictive Intelligence plugin, you can predict the risk statements for your orphan risks (the risks that don't have risk statements) on the risk records for your organization. You can then identify the correct risk statement for the risks and then aggregate them into manageable categories.

    Usually, the first line of employees or the risk champions within an organization identify the risks for the business.
    Note:
    A risk champion is an executive who is in charge of identifying and reporting risks within an organization.
    As the risk champions identify these risks, they manually associate the risks with the correct risk statement. The organization's senior management gets visibility into the organization's risk profile because these operational risks are aggregated into the enterprise risks.

    However, your risk champions must manually search the complete risk library to identify the correct risk statement for the identified risks. This activity is time-consuming and is an inefficient use of resources. When the risk champions search for risk statements manually, they tend to select whatever is the earliest match rather than search for the entire library, which results in the incorrect categorization of risks with risk statements.

    Predicting risk statements on risk records

    The Governance, Risk, and Compliance: Predictive Intelligence plugin uses artificial intelligence (AI) and machine learning (ML) to predict the related risk statements on the risk records. The Predictive Intelligence plugin uses the similarity capability in the Predictive Intelligence engine to compare the risk name and description with the risk statements. With this plugin, your organization can reduce the effort that is required to search and identify the risk statements to associate with the identified risks. Your organization also gets higher accuracy in risk aggregation and reporting and visibility into the organization's risk profile.

    The following example shows the recommended risk statements on the risk record. Recommended risk statement.
    Note:
    A risk user (sn_risk.user) can only see the risk statement recommendations when the risk statement isn’t defined on the risk record. Based on the recommendations, a risk user can associate the risk with a related risk statement.

    Benefits of risk categorization with risk statements

    By categorizing your organization's risks with the risk statement, the following benefits are provided to different users:
    • Risk owners: Identify the correct risk statement for the orphan risks to group risks into manageable categories.
    • Risk managers: Reduce the number of orphan risks that were created by the first line of employees or risk champions. The risk managers get visibility into the organization's risk profile and can analyze the impact due to the similar type of risks.
    • Risk administrator: Configure the solution definition to predict the risk statements that are based on the organizational needs.

    Setting up the feature

    A risk administrator with the ml_admin role can set up the risk categorization in the Risk Workspace application. Before your organization can use this feature, the risk administrator must install and activate the following applications and plugins:
    • Risk Management
    • Risk Workspace
    • Predictive Intelligence
    • Recommended Actions - Advanced
    A risk administrator can train a default similarity solution for the risks in your organization by using the Predictive Intelligence plugin.
    Note:
    A similarity solution is a machine-learning solution to collect and compare your existing records to new similar records.
    For more information, see Create and train a similarity solution.
    Note:
    You must have at least 1000 risk records for the similarity algorithm to work.

    A risk administrator with the ml_admin role can review the default similarity solution definition for risk and modify it based on your organizational needs.