Categorizing risks with the Governance, Risk, and Compliance: Predictive Intelligence plugin

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Categorizing Risks with the Governance, Risk, and Compliance: Predictive Intelligence plugin

    The Governance, Risk, and Compliance: Predictive Intelligence plugin enables organizations to predict risk statements for orphan risks—those without associated risk statements. This allows for the identification of appropriate risk statements and their aggregation into manageable categories, streamlining the risk management process.

    Show full answer Show less

    Key Features

    • AI and ML Integration: Utilizes artificial intelligence and machine learning to predict related risk statements based on risk name and description.
    • Improved Accuracy: Reduces the time and effort required for risk champions to manually search for risk statements, enhancing accuracy in risk categorization and reporting.
    • Visibility: Provides senior management with a clearer view of the organization’s risk profile through aggregated operational risks.

    Key Outcomes

    • For Risk Owners: Facilitates the identification of correct risk statements for orphan risks, grouping them into manageable categories.
    • For Risk Managers: Decreases the number of orphan risks and enhances visibility into the organization’s overall risk profile.
    • For Risk Administrators: Allows for configuration of predictive solutions tailored to organizational needs, ensuring effective risk categorization.

    Setting Up the Feature

    A risk administrator with the mladmin role must install and activate the necessary applications and plugins, including Risk Management and Predictive Intelligence. At least 1,000 risk records are required for the similarity algorithm to function effectively. Administrators can train and modify the default similarity solution to align with their organizational requirements.

    By using the Governance, Risk, and Compliance: Predictive Intelligence plugin, you can predict the risk statements for your orphan risks (the risks that don't have risk statements) on the risk records for your organization. You can then identify the correct risk statement for the risks and then aggregate them into manageable categories.

    Usually, the first line of employees or the risk champions within an organization identify the risks for the business.
    Note:
    A risk champion is an executive who is in charge of identifying and reporting risks within an organization.
    As the risk champions identify these risks, they manually associate the risks with the correct risk statement. The organization's senior management gets visibility into the organization's risk profile because these operational risks are aggregated into the enterprise risks.

    However, your risk champions must manually search the complete risk library to identify the correct risk statement for the identified risks. This activity is time-consuming and is an inefficient use of resources. When the risk champions search for risk statements manually, they tend to select whatever is the earliest match rather than search for the entire library, which results in the incorrect categorization of risks with risk statements.

    Predicting risk statements on risk records

    The Governance, Risk, and Compliance: Predictive Intelligence plugin uses artificial intelligence (AI) and machine learning (ML) to predict the related risk statements on the risk records. The Predictive Intelligence plugin uses the similarity capability in the Predictive Intelligence engine to compare the risk name and description with the risk statements. With this plugin, your organization can reduce the effort that is required to search and identify the risk statements to associate with the identified risks. Your organization also gets higher accuracy in risk aggregation and reporting and visibility into the organization's risk profile.

    The following example shows the recommended risk statements on the risk record. Recommended risk statement.
    Note:
    A risk user (sn_risk.user) can only see the risk statement recommendations when the risk statement isn’t defined on the risk record. Based on the recommendations, a risk user can associate the risk with a related risk statement.

    Benefits of risk categorization with risk statements

    By categorizing your organization's risks with the risk statement, the following benefits are provided to different users:
    • Risk owners: Identify the correct risk statement for the orphan risks to group risks into manageable categories.
    • Risk managers: Reduce the number of orphan risks that were created by the first line of employees or risk champions. The risk managers get visibility into the organization's risk profile and can analyze the impact due to the similar type of risks.
    • Risk administrator: Configure the solution definition to predict the risk statements that are based on the organizational needs.

    Setting up the feature

    A risk administrator with the ml_admin role can set up the risk categorization in the Risk Workspace application. Before your organization can use this feature, the risk administrator must install and activate the following applications and plugins:
    • Risk Management
    • Risk Workspace
    • Predictive Intelligence
    • Recommended Actions - Advanced
    A risk administrator can train a default similarity solution for the risks in your organization by using the Predictive Intelligence plugin.
    Note:
    A similarity solution is a machine-learning solution to collect and compare your existing records to new similar records.
    For more information, see Create and train a similarity solution.
    Note:
    You must have at least 1000 risk records for the similarity algorithm to work.

    A risk administrator with the ml_admin role can review the default similarity solution definition for risk and modify it based on your organizational needs.