公开(公告)号：US20080033775A1

公开(公告)日：2008-02-07

申请号：US11888373

申请日：2007-07-31

申请人： Michael Dawson ,  Bradley Wears

发明人： Michael Dawson ,  Bradley Wears

IPC分类号： G06F9/44

CPC分类号： G06Q10/00 ,  G06Q10/0635

摘要： An apparatus for managing risk within an organization includes four modules. An enterprise builder module enables a user to enter and store data regarding one or more reporting entities within the organization. A products and services catalog module enables a user to enter and store data regarding one or more products or services within the organization and to associate each of the one or more products or services with at least one of the one or more reporting entities defined in the enterprise builder module. A compliance obligation inventory module enables a user to enter and store data regarding one or more compliance obligations and to relate each of the one or more compliance obligations to at least one product or service of the one or more products or services defined in the products and services catalog module. A compliance risk assessment module enables a user to conduct a risk assessment for unique combinations of products or services, compliance obligations and reporting units; aggregate risk assessments over an entire reporting unit; and consolidate risk assessments over multiple reporting units.

摘要翻译： 组织内管理风险的设备包括四个模块。 企业构建器模块使得用户能够输入和存储关于组织内的一个或多个报告实体的数据。 产品和服务目录模块使得用户能够输入和存储关于组织内的一个或多个产品或服务的数据，并且将所述一个或多个产品或服务中的每一个与所述一个或多个产品或服务中定义的一个或多个报告实体中的至少一个相关联 企业构建器模块。 合规义务清单模块使得用户能够输入和存储关于一个或多个合规义务的数据，并且将一个或多个合规义务中的每一个与产品中定义的一个或多个产品或服务的至少一个产品或服务相关联，以及 服务目录模块。 合规风险评估模块使用户能够对产品或服务，合规义务和报告单位的独特组合进行风险评估; 对整个报告单位进行总体风险评估; 并整合多个报告单位的风险评估。