IDS Scheer uses a very successful concept to manage and control operational risks: our strength lies in the integration of individual methods and standard tools.
Experts from various industries with a wide range of experience in international projects apply a modular set of tools and reference models that permit fast and effective implementation of risk and control management systems for very different goals.
Basel II, Sarbanes Oxley Act, German KonTraG or Business Continuity Planning are just a few of the terms from our project successes. With our ARIS software family and the Risk & Control Management Suite modules, we guarantee high usability coupled with comprehensive customisation features, and all this based on the market leader for business process management software: ARIS.
The business process is the central aspect of risk and control management The IDS Scheer methodology sees the business process as the focal point of risk and control management. All risk sources are to be found in the business process and only become risk relevant through the business process. The business process is the risk-bearing element, without which the causes and potential improvements cannot be analysed.
The business process analysis is the balance-sheet analysis of operational risk - without it any collection of historical data offers only low improvement potential.
Rapid success through individual implementations based on standard tools and reference models
IDS Scheer`s success is driven by the highly efficient execution of problem analysis, solution design and its implementation. The process-oriented approach leads to a methodologically seamless basic concept, like the one we use for quality management and cost optimisation.
We apply "building blocks" of technical functionalities and standard tools with proven reference models and procedures.
Modular structure of Risk & Control Management tools ensures high-level flexibility
Our solutions are based on a database with the company model: ARIS. It identifies all the systems, products, organisational units, processes, risks, controls, KRIs, etc. This company model data is merged to suit the objectives and priorities, and then made available to the Risk & Control Management modules: Risk mapping, Risk evaluation, Risk reporting, Incident recording, Control audits, KRI scorecards, Improvement management, etc.
Risk Control Audit with ARIS Audit Manager for SOx
The ARIS Audit Manager for SOx has been specially developed to meet the demands on internal audits such as under the Sarbanes Oxley Act. It derives all the audit-relevant information from the process model in ARIS. This is where the controls, involved persons, necessary tests and test owner, test frequencies and descriptions are defined. From this ARIS automatically generates a database-aided Web workflow that supports the audit and the necessary reporting and escalation processes.
Process analysis as root cause analysis in risk management
Knowledge of the detailed process flow - modelled or automatically recorded by our unique tools - is the basis for understanding and avoiding incidents. Business process variants, eg from different business regions or sales channels, provide an insight into the possible causes of the incident history of the one or other sales channel or business region. Best practices and risk-minimising procedures can be identified and then made available to the rest of the company.
The risk model as basis for management decisions
The merging of all the relevant risk information in one central risk model is the starting point for all the related reports and decisions. Be it decisions about alternative systems, emergency plans or resource allocations. The merging of all the relevant risk information and, where appropriate the cost-accounting and quality management information, in the same business process model provides the best basis for far-reaching management decisions.
Individual and role-based reporting on state-of-the art platforms
Data that is merged in the ARIS company model and its process descriptions is then available with the flexibility of a database-aided modelling tool. Existing external data sources can generally be incorporated. The results are then customised to meet the company`s requirements and can be made available on a wide number of technical platforms. It goes without saying that use restrictions and role concepts can be applied.
Indicator measurements for integrating risk management in overall corporate control
Modern systems for overall corporate control are very often based on a complex multi-dimensional system of key indicators. Risk management is a very important component of corporate control, and recent important events are increasingly making it the focus of top management attention. Our indicator models and reporting system permit the integration of risk management in the meeting of these requirements.
ARIS ProcessDay 2004: `Innovation by Business Process Management`
Want to hear more about risk and business process management? Register and join us on the annual Business ProcessDay presented in Cape Town and Gauteng: http://www.cpi.co.za.
Share
Collaborative Process Integration (CPI) is the premium value-added reseller (VAR) for IDS Scheer AG in SA and the rest of Africa. CPI follows a very strong collaborative partnering approach in putting a total business process integration solution together. CPI is also a registered training partner at IDS Scheer in SA. http://www.cpi.co.za
Editorial contacts