GRC Risk Workspace

  • Release version: Australia
  • Updated April 28, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of GRC Risk Workspace

    The GRC Risk Workspace, introduced in version 13.0.5, delivers a simplified, single-pane user experience for managing risks within your organization. It consolidates functions such as risk assessments and risk event processing into one intuitive environment, replacing the classic interface with a more configurable, role-driven workspace tailored to different user responsibilities. This workspace reduces the need to install multiple applications by streamlining Risk Management into a single app installation per risk domain, such as IT risk.

    Show full answer Show less

    To enable the Risk Workspace, customers must install and activate the GRC: Risk Management workspace (com.snriskworkspace) plugin.

    Key Features

    • Role-Driven Customization: The workspace adapts views and functions based on user roles—such as Operational Risk Manager and IT Risk Manager—ensuring relevant information and tasks are prioritized.
    • Home Page Dashboard: Acts as the starting point showing comprehensive organizational risk status including key risk indicator (KRI) breaches, risk heatmaps, risk classification, and entities with highest risk exposure.
    • Task Management: Displays day-to-day tasks assigned to the user and their group to streamline risk management workflows.
    • Advanced Risk Assessments: Simplified access and management of risk assessments, including quick links to schedule assessments and create key risk indicators.
    • Customization: Allows configuring elements such as color codes for heatmaps and reports to align with organizational preferences.
    • Role-Specific Views: Separate home pages and task views for different roles like Operational Risk Manager, Business Operational Risk Manager, and IT Risk Manager, reflecting their distinct responsibilities.

    Role Descriptions and Responsibilities

    • Operational Risk Manager: Oversees operational risks arising from internal processes, people, systems, or external events, managing risks from minor errors to major incidents like fraud.
    • Business Operational Risk Manager: Acts as the first line of defense for individual business units, managing their specific risk posture.
    • IT Risk Manager: Responsible for establishing and maintaining the IT risk management program to protect business data and critical systems from IT-related threats.

    User Experience Enhancements

    The Risk Workspace includes improvements designed to simplify daily risk management tasks, especially benefiting new or less experienced GRC users. The workspace consolidates access to risk assessments and related activities through an enhanced interface, accessible via both the GRC Risk Portal and the Risk Workspace itself.

    Starting with version 13.0.5, the GRC Risk Workspace provides a new and simplified user experience with a single-pane view. In the workspace, you can perform the same functions as the classic environment, but with more intuitive functionality. These functions include risk assessments, risk events processing, and so on.

    The Risk Workspace is highly configurable and role-driven. Being role-driven means that the Risk Workspace is customized or unique for each user or role in your organization. In the workspace, different users with specific roles can perform different functions and have views that differ from each other. The workspace also reduces the number of apps that the users must install to utilize the Risk Management application. For example, if you want to manage your IT risks, you must install only one application. The workspace makes the management and installations of apps easier. To use the Risk Workspace, you must install and activate the GRC: Risk Management workspace (com.sn_risk_workspace) plugin.

    The starting point in the Risk Workspace is the Home page Home page button..

    The Home pages show you the complete view of the risk status across your organization. Some of the key items that you can see are the key risk indicator (KRI) breaches, the risk heatmaps, the risk classification and breakdown, entities at the highest risk and so on.

    The Home page offers the following benefits:
    • Provides a different view for each role.
    • Is designed for the specific responsibilities of each role.
    • Shows the day-to-day tasks for each role depending on the user. For example, the Home page for an Operational Risk Manager differs from that of the Home page of the IT Risk Manager.
    • Displays the key tasks assigned to you and your group. This makes it easier to get a complete view of your actionable tasks. For more information on the new user experience for Advanced Risk Assessments, see Advanced Risk Assessments in the Risk Workspace.
    • Shows the risk profile for the top entities. This consolidated view enables easier reporting.
    • Enables customization to suit your needs. For example, you can configure your own color codes for heatmaps and reports. For more information, see Operational risk heatmap for Advanced Risk Assessment in the Risk Workspace
    • Provides quick links for performing key tasks such as scheduling risk assessments, creating new key risk indicators, and so on.
    • Provides data in a way that you can select and view the details.
    • Shows the classic risk assessment scores if the Advanced Risk application is not enabled.

    Roles and user enhancements in the Risk Workspace

    The roles for the Risk Workspace are the Operational Risk Manager and IT Risk Manager. See the following sections for the description of each role, its responsibilities, and its tasks.
    Note:
    Because the roles in your organization might be different from what is presented here, use these roles as references or models.

    Multiple enhancements have also been made to the user experience in the Risk Workspace. Each enhancement is described in detail in the subsequent sections.