Organisations often design risk management processes and procedures which are technically sound but can fail to gain acceptance by risk owners/department managers due to procedural issues and documentation complexity.

GuardianERM.net aims to bring risk management to life by reducing the gap between the ‘theory’ and ‘practice’ of risk management through its user friendly design, workflow emails and alert features.

GuardianERM.net helps to ensure consistent delivery of risk management processes across the entire organisation – critical for larger or global organisations.

GuardianERM.net allows people across the organisations can identify, assess, quantify, monitor and manage their specific risks – and as these will be reported collectively – management will get a true enterprise-wide risk picture.

The risk and control libraries help to proactively evaluate and manage strategic, tactical, financial and operational risks across all business units, projects and processes.

Good practice business rules and prompts consistent with best practice risk management standards such as AS/NZS4360, ISO 31000 and COSO are embedded in GuardianERM.net and configurable by each organisation.

Organisations that want to advance their risk management framework can add project, fraud, environmental, occupational health and safety and business continuity risks and track Value at Risk (VaR) for a broader and more comprehensive risk management approach.

Build risk, control and audit libraries to retain corporate knowledge

In all organisations, a vast amount of knowledge and experience is usually dispersed across a number of areas and many people. What happens when people move on? Much of this knowledge is lost.

Imagine harnessing all that knowledge and expertise and keeping it in one place:

• Through the library feature, GuardianERM.net allows organisations to set up their own library of corporate knowledge relating risks, internal controls, business processes, compliance requirements and audit programmes.
• Users can later access and share this library to attach risks and controls to their own business area to conduct risk evaluations, audits and risk profiling.
• For quick indexing and filtering, GuardianERM.net allows grouping of risks and controls into separate categories e.g. financial risk, operational risk, compliance risk, strategic risk.

Limiting update access the library (through security access) will help maintain the integrity of data and free from duplicate data.

Risk profiling the easy way

GuardianERM.net has comprehensive risk management features that allows organisations to profile their organisation units, projects, events, business processes and activities.

• Colour coordinated risk, control and audit data to assist users.
• Users select risks and controls from the organisation's library that is appropriate to them. Users can also simply cut, copy and paste risk and control data.
• Users evaluate and categorise each risk, record the possible causes, rate the likelihood and consequences, record Value at Risk and assign a financial statement assertion if required.
• Users attach any number of controls to a risk and evaluate each control as to its effectiveness, record cost of control, update control status (agreed, proposed, implemented), control type (treat, transfer, correct), key control indicator, execution frequency, action and control responsibility.
• Inherent and residual risk profiles are presented graphically.
• Users develop treatment action plans to resolve residual risk exposure or enter a reason to accept the residual risk.
• Users attach relevant documents such as organisational policy, procedure manuals to an organisation unit, risk and/or control.
• Users periodically review and attest their risk profiles and simply tick a box to complete periodic management attestations online. No paper, no hassle. In one glance, the CEO, CFO or CRO can see who has attested on time.

Manage all risks and opportunities

• Strategic and operational opportunities
• Strategic risk
• Operational risk
• Regulatory risk
• Financial risk
• Insurable risk
• OH&S risk
• Technological risk
• Project risk
• Security risk
• Environmental risk
• Reputation risk