Leadership, Knowledge, Solutions Worldwide. · Over the last year, 7 out of 10 companies selected...

Over the last year, 7 out of 10 companies selected STARS when implementing a risk management or claims administration system. Why? We have more clients, greater investment, proven stability and broader expertise.

Learn about how CS STARS can empower your organisation at www.csstars.com/innovation.

Leadership,Knowledge,Solutions...Worldwide.

We simplify the job of managing risk.

28 About change

Compliance is one of the top concerns for busi-ness leaders today. Mark Coronna looks at howthe regulatory landscape has changed and whatit has in store for the financial services industryof the future

30 All-seeing I

Today’s businesses are dealing with a burgeoningamount of regulation and governance. Dealingwith it need not be considered such a burdenand can even bring about positive change. NickMartindale reports

RISK MANAGEMENT SOFTWARE SUPPLEMENT

32 Risk ManagementSoftware: A guide to risk manage-ment software: product summaries

40 Risk ManagementSoftware: A guide to risk manage-ment software: product features

Sponsored by

RiskAssessmentSupplement_cover.qxd 22/12/2010 18:02 Page 1

www.cirmagazine.com

RISK MANAGEMENT SOFTWARE SUPPLEMENT > REGULATION

CIR December 201028

This disjointed and piecemealapproach to compliance has frequently been cited acontributory factor in the troubles that followed and was a model that could not besustained after the seismic eventsof the subsequent credit crunchand the wave of global reformthat followed in its wake.

The shift we are seeing todaytowards more prescriptive andrestrictive regulation placesresponsibility and accountabilityfirmly at the feet of seniormanagement. In addition, firmsmust also deal with multiple andprotracted revisions of planneddirectives, such as has been thecase with Solvency II.

But with examples of roguetrading and malpractice nowmuch more commonplace, theFSAs enforcement activity hasswung sharply into gear.Enforcement activity has alreadyrisen sharply as regulators arenow shooting anything thatmoves. The level of fines handedout five years ago were alreadymatched in the first five months of

Regulation is at the forefrontof minds across thefinancial services industry.

The clamour for more effectivecensure of financial services thatwill put a stop to a repeat of thecostly mistakes of the creditcrunch has borne a raft of newmeasures that many firms wouldbe forgiven for consideringslightly overwhelming.

Full and prompt compliance in ever tightening timeframes isnot only expected, butincreasingly demanded by anumber of vocal critics within theindustry. Many argue that it isunderstandable that a spotlight be shone on practices by a more sceptical public and more aggressive regulator as we pick up the pieces of the last three years.

What firms must now do,though, is change their approachto the regulation in line with thisincreased scrutiny. Today’s pictureis quite different to that of fiveyears ago when a light touch wasapplied by regulators.

Honouring the system

The regulatory landscape in whichwe operated only five years agowas a vastly different one. A lessprescriptive approach saw theUK’s Financial Services Authority(FSA) move towards ‘principlesbased regulation’ – a less costly‘honour system’ that at the timewas regarded globally as aprogressive approach. In the UK,a single regulator was preferred

which adopted a low level ofactivity focusing on consumerlevel misdemeanours, such as mis-selling, and indeed sought to make high-profile examples ofthose companies that did step outof line. In short, the sheriffs wereshooting infrequently but whenthey fired they were going afterbig game.

At the corporate level, roguetrading appeared to be a lessfrequent occurrence (or so itappeared) and the markets began to believe in the concept of self regulation prior to thecredit crunch. The issue ofcompliance itself tended to beimplemented outside the businessprocess as a “retro fit” usingindividual technology platformsthat were very departmental and compliance as a whole was regarded as a cost and not a benefit.

Typically, the compliance team had little presence or impact on key risk managementoutputs and decisions and in many cases seemed to beregarded as the internal policerather than a valuable planningand implementation resource. Atthe time these departments had to consistently demonstrate andprovide evidence that they havemet the necessary requirements.The difficulty in getting full seniormanagement to engage withcompliance and act was clear tosee as compliance only reallyforced its way on to the agendawhen the FSA were due for a visit.

About changeCompliance is one of the top concerns for business leaders today. Mark Coronna looks at how the regulatory landscape has changed and what it has in store for the financial services industry of the future

“The shift we are

seeing today towards

more prescriptive and

restrictive regulation

places responsibility

and accountability

firmly at the feet of

senior management”

supp_intro.qxd 22/12/2010 15:26 Page 1

www.cirmagazine.com

RISK MANAGEMENT SOFTWARE SUPPLEMENT > REGULATION

CIR December 2010 29

2010. Even in 2007, the FSA washanding out relatively low finesand it seemed that it – along withthe rest of the financial servicesindustry – the regulator wassleepwalking into the credit crisis.

Moving forward

Compliance and risk have nowbecome synonymous with eachother with many companies nowintegrating platforms andmigrating to the enterprise riskmanagement (ERM) approach.Compliance is now widelyrecognised as needing to beembedded into business processesand the need to understand therelationship with the customer inall dimensions is a pressingconcern. There is a recognitionthat risk-based approaches differbetween sectors and firms feel thatcompliance is not a growth enginebut a huge and necessary costcentre. The role of the complianceofficer has also changed with‘risk’ forming a vital part of aboard’s responsibilites.

The future

Many firms may be wonderinghow permanent these changes are.The chances are we may still bewaiting for the regulation of todayto bed down again after a periodof supervisory and regulatorychange around the world.However, regulators may be likelyto take an even stronger line withenforcement activity in order todistinguish themselves from thebodies that came before them,many of which were seen to havefailed to prevent the globalfinancial crisis. In his recentspeech announcing the new UKregulatory structure, ChancellorGeorge Osborne said he wants toensure that regulation is about“less box-ticking and moreexercise of judgement” – this maymean that directives are more

adapted to individual firms andbecomes less “one size fits all.”With this in mind, if regulation is to become less about tickingboxes and more about theexercise of a supervisor’sjudgement, this will have animpact on companies’ procedures.

Additionally, the UK will movefrom having a single regulator inthe form of the FSA, to a greaternumber of regulatory bodies (atfirm level a prudential regulator, aconduct of business regulator anda financial crime agency),compliance teams may have tospend much more of their timeinteracting with the rule makers.At present, liaison with the FSAtends to be carried out as part of a compliance officer’s role, but it may have to become a rolein itself.

But the main challenge over thenext few years in the UK will bethe move from the current systemof regulation to the new one.Getting the new architecture inplace by the end of 2012 is anambitious deadline and is likely tomean lots of consultation papers,each with a shorter-than usualresponse deadline. The newEuropean regulatory architectureis already creating challenges fororganisations that have notstepped up their approach tocompliance. As a result there maybe challenges in reconciling thenew UK architecture with the newEU architecture as the former willbe split by regulatory function(prudential or conduct of businessregulation, for instance) and thelatter by firm type (banks,securities and insurance). Whileall this is happening, there is stillan ambitious programme ofongoing work to complete. At aglobal level, regulatory changessuch as those being implementedby the G20 and the Baselrequirements, at EU level

Solvency II, and in the UK theRetail Distribution Review are justa few of many possible examples.It will therefore be a challengefor compliance teams to keeptheir focus on current risks in the here and now rather than letthemselves be distracted by theregulatory upheaval going on all around them. Resource mayalso become even tighter incompliance teams as there will be so much to do. Firms willnaturally be concerned about the cost of the new regulatorystructure having already seentheir FSA fees grow exponentiallyin the past five years.

There may be particularchallenges for non-banking firms,whose prudential regulation willcome under the Bank of Englandfor the first time and there is adanger that the PrudentialRegulation Authority will focustoo much on banking and havelittle or no experience of otherfinancial services sectors. Thiswill mean more interaction will beneeded between affected firmsand the authority.

Whatever the future has in store it is clear that in planningfor it, the role of compliance cannot be ignored as the presence ofthe regulator is set to be felt farmore than at any other time in the past.

Mark Coronna is managing

director, Europe, Wolters

Kluwer Financial Services

“Chancellor George

Osborne said he

wants to ensure that

regulation is about

“less box-ticking and

more exercise of

judgement”

supp_intro.qxd 22/12/2010 15:26 Page 2

www.cirmagazine.com

RISK MANAGEMENT SOFTWARE SUPPLEMENT > TECHNOLOGY

CIR December 201030

“Typically the complianceelements are seen as a hygienefactor; a cost of doing business,”says Emma Price, a director atStrategic Thought’s risk advisorypractice. “The debate is moving to the value-adding areas of riskmanagement which is focused onimproving business performanceand looks at both risks andopportunities.”

Mark Gilliland, managingdirector, EMEA, at internationalrisk technologies firm and MarshRisk Consulting subsidiary CSStars, says the danger of focusingtoo much on regulation is that itencourages a complianceapproach where forms are filledin and filed away but trends arenot monitored or acted on at thetop of an organisation.

“What we hear fromenlightened companies is thatregulation is important but it’seven more important that they’reable to drive a corporate riskculture within that organisation sothey can develop actions plansfrom lessons learned,” he says.

Examples of companies thathave already benefited from such an approach include South African mining firm Group Five, he says, which has used risk managementinformation systems to improve its ratio of new contracts on whichit makes money from 50 per centto 80 per cent, allowing it tobetter manage shareholderexpectations.

Among the most enduringfeatures of the economicdownturn is the pressure

on financial institutions to complywith tighter regulations regardingtheir own balance sheets and theirapproach to lending.

New measures under Basel II,issued in 2009, have alreadyincreased the pressure on banks,and further proposals under BaselIII – due to come into force in2019 – will only add to this in theyears ahead.

The financial industry is not the only one affected by the trend towards greater regulatorycompliance. The insurance sectorfaces strict new requirementsunder Solvency II, due to comeinto force at the end of 2012,while UK organisations of allkinds must contend with bestpractice guidelines such as the Office of GovernmentCommerce’s Management of Risk, as well as internationalstandards such as ISO 31000 on risk management, ISO 9000 on quality management and ISO 27001 on informationsecurity.

The greater emphasis onregulation is having an impact on the development of riskmanagement software.“Traditionally software has beenfocused on the more quantitativetypes of risk such as market,liquidity and credit which lendthemselves to an actuarialapproach to assessment,” says

Richard Pike, chief productstrategist at ARC Logics, a WoltersKluwer business.

“But software is increasinglyhaving a role in the morequalitative risk types of regulatory,operational, reputational andstrategic. Recent innovations in the areas of knowledgemanagement and neural networksare starting to show the benefits of trawling the huge amounts ofdata available to companies abouta certain risk and processing thisdata for useful consumption by the risk assessor.”

A major trend over the past year has been the delivery of ‘pre-packaged’ risks and controlswithin the software itself. Thismeans that a company can receivea list of standard risk and controlsconcerning their industry andregulations, ensuring that theyhave full coverage across theirregulatory risk. Such capabilitiesare becoming particularlyimportant in the life sciencesindustry, where there is strongpressure in this area.

The need to comply withincreasing regulatoryrequirements has also led to a surge in demand for riskmanagement packages fromsmaller organisations.

Yet while many organisationsare all too aware they must meetregulatory requirements, they also realise the potential of riskmanagement software to deliveradditional business benefits.

All-seeing I Today’s businesses are dealing with a burgeoning amount of regulationand governance. Dealing with it need not be considered such a burdenand can even bring about positive change. Nick Martindale reports

30-31_All-seeing_I.qxd 22/12/2010 16:23 Page 1

www.cirmagazine.com

RISK MANAGEMENT SOFTWARE SUPPLEMENT > TECHNOLOGY


Inside an organisation, riskmanagers are able to spotpotential trends that could helpprevent accidents or leave thecompany exposed to financial or legal risks. One of the mostimportant factors in assessingrisks is context. What are theregulations in this area, has acompetitor faced a loss, have we had any recent near-misses,what is the state of our processes,have all of the staff completedtheir training?

There are other emerging trendsin risk management software. Pike at ARC Logics, for example,says the development ofinternationally recognised riskmanagement standards such as the COSO framework and ISO 31000 is encouragingcompanies to move away frominternally developed modelstowards off-the-shelf systems.

But buyers have to be careful tofind the right blend between suchapplications and developing theirown unique version, warns KenEbbage, chief executive ofPentana. “One of the problems we have as a packaged softwaresupplier is that the risk standardssay a lot about how to carry outthe process of risk assessment, butlittle about the actual calculationof risk,” he says. “This means thatwe are faced with potential clientsusing many different calculationmethods.

“Some software suppliersexpect clients to adapt to theirsupported calculation methods,while others offer completecustomisation. Both strategies havetheir problems; if calculations arefixed, the client may just chooseanother system. If calculations arecustomised, the software housemay be faced with problems inmaintaining those customisationsin future releases,” he adds. “Theideal is somewhere in between,

where there is user configurabilitywithin a set and maintainableframework.”

There can be little doubt thatthe economic downturn and thecorresponding tightening ofregulatory requirements onorganisations in all sectors hasincreased the role riskmanagement – and the software to support it – plays within acorporation, and this greaterprominence is also likely to opendoors to further development.

Price at Strategic Thought, for instance, suggests companieswill increasingly adopt riskmanagement software with aninternational focus, whileGilliland at CS Stars forecastspackages will move to a morepredictive – rather than reactive –basis. His organisation, forinstance, is currently working on atool that will allow risk managersto identify potential geographicthreats – such as hurricanes –around the world, enabling themto implement appropriate plans inplenty of time.

“Risk management hashistorically been seen as the ugly sister of the other businessdisciplines; somethingunglamorous, onerous and quitefrankly a bit ‘health-and-safety-ish’,” says Phil Walden, sales andmarketing director at JCApplications Development.

“This has changed. The nextfive years will see riskmanagement continue to bepushed into the foreground; anessential element of good businessplanning that cannot be relegatedto a Friday afternoon and one thatif done badly has hugerepercussions. In light of thistechnologies are essential inaiding the process of capturingrisk data so that it can be usedacross the entire organisation toinform decision-making.”

Ultimately, though, any softwareis only as good as the individualwho interprets the findings andthe business controls that areimplemented around it as a result.

“Bad risk management is badrisk management, and can takeplace regardless of whether atechnology solution is in place,”says Walden. “If the rightquestions are not asked in thefirst place or the organisationdoesn’t understand its ownbusiness, or fails to communicatethe importance of riskmanagement to its employees,mistakes will be made andimportant risks overlooked.”

“Enlightened

companies recognise

that regulation is

important but it’s

even more important

that they’re able to

drive a risk culture”

THE LOWDOWN“The growing amount of regulation is a

compelling reason to seek reliable

software platforms that can handle

multi-compliance and enable control

reuse for several risks, framework

approach and holistic views.”

JJeeaann--MMaarriiee ZZiirraannoo,, vviiccee--pprreessiiddeenntt ooff

pprroodduucctt mmaannaaggeemmeenntt,, MMeeggaa

“Providers of software-as-a-service

packages are trying to satisfy this

demand, as their solutions enable

implementation without investments in

time or resource from the client's IT

department. This has opened up many

opportunities for smaller businesses to

better manage their processes.”

IIllkkaa MMccHHuugghh,, ddiirreeccttoorr ooff ssoolluuttiioonnss

ccoonnssuullttiinngg,, AAoonn eeSSoolluuttiioonnss

“Software has the unique ability to easily

bring all of this relevant information to

bear on any risk assessment decision,

either through a predefined calculation

or simply by informing the assessor at

the right time.”

JJaammeess BBaabbiicczz,, hheeaadd ooff rriisskk aatt SSAASS UUKK

30-31_All-seeing_I.qxd 22/12/2010 16:23 Page 2

www.cirmagazine.com

RISK MANAGEMENT SOFTWARE SUPPLEMENT > PRODUCTS

CIR December 201032

CS STARS is the global leader inrisk technologies providingintegrated risk, claims, andcompliance solutions.

CS STARS LLC, a business unit ofMarsh, serves the technology needsof risk management professionals,as well as insurance carriers and third-party administrators –delivering integrated software and services for risk, claims andcompliance management. CSSTARS has approximately 500employees worldwide and servesmore than 1,000 clients. Its softwareand services help clients improvebusiness processes, manage costsand reduce enterprise risk.

CS STARS primary platform, STARSEnterprise, is designed to helpclients use data to understand theirorganisation’s risk profile, manageclaims, identify cost drivers, andmanage critical risk events. STARSEnterprise provides essential riskand claims management features,including:

● Convenient browser-basedinterface and internet accessibility ● Consolidated data to provide anextensive view of an organisation’soverall risk● Robust, intuitive businessintelligence reporting● Workflow automation tostreamline and improve businessprocesses

Robust View of Risk Information

Consolidated Risk DataCS STARS processes data from mostmajor insurers and third-partyadministrators, providing datatransformation services designed toimprove the quality and timelinessof risk data. Our data expertscollect and integrate internal andexternal data sources to provide aconsolidated repository of claims,

policies, exposures and other datatypically required to manage riskeffectively.

Claims, Incidents, and EventsUsing an intuitive interview-styleformat, STARS Enterprise helpsorganisations capture robustincident and claim information.Interview templates are configuredfor the unique needs of each clientand department to help simply andefficiently guide users through theprocess of reporting eventinformation.

Values and Exposure CollectionSTARS delivers a set ofcomprehensive tools that streamlinethe capture and maintenance ofvalues, exposures and COPE datafor use in policy renewals andstrategic risk management. Themodule offers secure, Web-basedaccess for values collectors who canbe either inside or outside of yourorganisation.

Streamlined Risk and ClaimsManagement

Risk and InsuranceSTARS Enterprise helps riskmanagers identify safety issues andcost drivers, set priorities, improveworkflow and communication, andbetter manage claims and other risk-related information.

ClaimsSTARS Enterprise helpsorganisations efficiently administerall claim related activities. Oursolutions give your claimsdepartment complete control overthe adjudication process withconfigurable screens, workflow,business rules, and notifications.

Safety and HealthCS STARS delivers comprehensivesolutions for creating andperforming business, risk, andcompliance assessments. STARSautomates data collection, analysisand recommendation tracking,helping clients gauge and maintain

compliance with governmentregulations, environmental, health,and safety requirements, and otherbest practices.

Data + Analytic Tools = InformedDecisionsThe industry-leading STARSEnterprise platform helps clientsunlock the power of their data withthe industry’s most innovativeanalytic tools.

Risk GogglesOur award-winning Risk Gogglesfeature is a map-based tool thatenables clients to identify andanalyse events that can impact theperformance of their business.Using Google Maps™ mappingservice, maps are enriched with riskdata, including claims, incidents,exposures, policies, compliancestatus, as well as external risk datasuch as earthquakes, weather andfire assessments.

DashboardsDashboards make it easy to find anddigest what matters by pulling eachclient’s most critical data points tothe surface. Dashboards provideeasy access to information such asclaims details, policy erosion, andsafety and compliance data thatillustrate performance using aclient’s own metrics.

Business Intelligence ReportingSTARS offers business intelligencereporting tools to provide clientswith comprehensive data access,intuitive report design options, andpowerful analytic capabilities.

Claims BenchmarkingBenchmarking is a powerful basisfor informed decision-making. Ourclaims benchmarking databaseincludes approximately 3.4 millionworkers’ compensation, generalliability, property, auto and claimsfrom approximately 500 institutionsof all sizes.

www.csstars.com

Ris

k M

anag

emen

t Sof

twar

e R

epor

t 201

1Yo

ur g

uide

to r

isk

man

agem

ent s

oftw

are:

pro

duct

sum

mar

ies

34-40_products_B.qxd 22/12/2010 18:03 Page 1

www.cirmagazine.com



ACTIVE RISKMANAGER (ARM)

ARM from Strategic Thought Group hasa broad range of risk managementcapabilities to support project,programme and enterprise governance,risk and compliance needs. It employs a top down and bottom up methodologythat focuses on the effectiveness andvalue of risk management within botheconomic and non-economicframeworks. Its functionality isapplicable across all industry sectorsand the product is available globally.ARM can record incidents, claims andnear miss information and provideseffective controls management. In termsof reporting and decision making aids,the software provides risk-adjustedperformance (corporate, operational,project) and portfolio analysis of riskexposure against different measurementdimensions (eg cost, revenue, marketshare, time, customer loyalty,reputation). ARM also provides reportsof top board risks and information tosupport internal audit. ARM is quickand easy to install and implement.Training courses and consultingservices range from technical throughrisk advisory to ensure implementationsmeet exact organisational needs. ARMsupports and enables compliance to awide variety of international standardsincluding Solvency II and ISO 31000. It also helps manage the risks of non-compliance.www.strategicthought.com

ACUITY STREAMAcuity STREAM Integrated RiskManager provides real-timemanagement dashboards and reportsthat present a consistent integrated viewof the risks to business performance.Gauges and barometers provide ‘at aglance’ views of current residual riskand compliance status with drill-downand aggregation through the enterprise.A set of real-time graphical reports

includes top 10 risks, risk history,compliance history, event history, actionstatus and return on investment. AcuitySTREAM Integrated Risk Manager isused for enterprise-wide corporate andprogramme/project risk managementand reporting. The product is deployedwhere users wish to measure their risksin relation to performance metrics andcompliance with control standards, suchas regulatory compliance, security,health and safety and businesscontinuity. Users can also drill down toinvestigate areas of concern and, viewaggregate risk and compliance status. www.acuityrm.com

AGENARISKAgenaRisk is a risk analysis andknowledge-based decision supportsoftware tool that is used to helporganisations gain competitiveadvantage and enhance value forstakeholders. Using the latestdevelopments in Bayesian networks,AgenaRisk enables enterprise-levelmodelling and predictive analytics to support business critical decisionmaking, enabling senior management to focus on the key risks and controlswithin their business. This product is used across a number of industry sectors including defence, financialservices, aerospace, telecoms andtechnology to support operational risk and continuity ensuring the safety and reliability of systems.www.agenarisk.com

AGILIANCERISKVISIONAgiliance RiskVision allows companiesto identify, assess, and mitigate risks;create risk-based business response toresolve threats and vulnerabilities; andreduce time and cost of managingvendor risk and third party programmes.The product allows users to establish aprocess and workflow to identify, score,and mitigate their key risks. RiskVisioncan be used for both top-down andbottom-up risk management and can use qualitative, semi-quantitative, andquantitative approaches to classify risk.

The product features over 150 reportsthat address threats, risks, incidents andcompliance posture, such as key riskindicators (KRIs) and risks from threatsand vulnerabilities. Agiliance providescontent to the most requestedregulations and standards, includingPCI, GLBA, SOX, HIPAA, ISO andBITS, among others. This product isavailable internationally and users don’tusually require specific training orconsulting services to use it.www.agiliance.com

AON RISKCONSOLE

In addition to manual input processingin areas such as incident reporting and renewals, RiskConsole can alsoconsolidate data from multiple externalsources as well as internal systems suchas human resources, payroll and fleet.This allows clients to establish a centralrepository of risk information with allrelated data, giving a complete 360°risk picture. Organised as a series ofmodules, RiskConsole is designed to be fully flexible and is configured to match the client’s exact requirements.It can seamlessly integrate client-specific workflows from across the entire business, as well as with thirdparties such as insurers, claimsadjusters, captive managers andsolicitors. By accommodating theadministrative, reporting and analyticalneeds of insurance and riskmanagement operations, clients usetheir data and reports to drive downcosts through loss prevention andimproved insurance premiums.Essentially, RiskConsole helps clientsunderstand and lower total cost of riskby 3-10%. The intuitive nature of thesolution means training is minimal, and many users are able to useRiskConsole from day one. RiskConsolealso facilitates a wide range of riskmanagement initiatives includingsupport for legislation such as Sarbanes-Oxley (SOX), Basel II and the forthcoming Solvency II.www.aon-esolutions/cir


www.cirmagazine.com


CIR December 201034

@RISK

Palisade’s @RISK provides quantifiedresults which can be used by thedecision maker as a basis to developappropriate measures to mitigate ormanage risk. @RISK replaces fixedmodel input assumptions with user-defined probability distributions andthen conducts a ‘what if’ Monte Carlosimulation thousands of times. Resultsare presented in a clear and user-friendly visual format. @RISK producesa full statistical report on simulations.One-page ‘quick reports’ can beproduced with a single mouse click.These include graphs, tornado charts for sensitivity analysis and summarystatistics. The software is accompaniedwith a free tutorial. Making the bestdecisions means performing riskanalysis. @RISK offers an easy,affordable, and effective way to startperforming risk analysis in the familiarExcel environment. Palisade alsoprovides hands-on training, tailoredtraining and risk consulting.www.palisade.com

BARNOWLBarnOwl provides a single, fullyintegrated risk management, internalaudit and compliance software solution.Risks can be rated qualitatively andquantitatively. The quantification of risks can be linked to the impact andlikelihood or can be calculatedaccording to user defined formulae. In addition, KRIs can be specified for a risk and measured in terms of valueand/or percentage and/or quantity.With this product, report views can be created by dragging, dropping,grouping and filtering registers andthen exporting to Excel. Additionalreports are developed on an ongoingbasis. BarnOwl provides professionalintegrated word reporting in the internalaudit module. It also provides the abilityto import compliance checklists, sendout compliance surveys and monitor

compliance. Action plans can be created to drive complianceaccountability. This product is usedwithin retail, government, financial,telecoms, logistics, informationtechnology, medical, audit and risk advisory and in manufacturing. It is available worldwide and has aparticularly strong presence in Africaand Eastern Europe.www.barnowl.co.za

CITICUS ONE Citicus ONE is a web-based applicationthat offers an efficient, constructive andcontinuous method of measuring andmanaging information risk, supplier risk and other areas of risk across anenterprise. The product gives businessowners insights into the risk status oftheir areas of responsibility, andpractical guidance on driving riskdown. It also provides management withan overview of the risk and compliancestatus of their critical operational assetsand processes. Results of riskevaluations are presented in graphicalreports that capture the attention of busydecision makers. Citicus ONE can beinstalled in-house or accessed via asoftware-as-a-service model, and can be integrated with Citicus MoCA foriPhone, iPad and iPod touch.Implementations can be scaled up or down as required and deploymentdoes not require lengthy consultancyengagements.www.citicus.com

CURA ENTERPRISE

Cura provides software solutionsdesigned to enable businessesworldwide to meet their governance,enterprise risk management (ERM) andcompliance requirements. CuraEnterprise achieves this through fastimplementation, easy configuration, andtrue enterprise architecture. It is a fullyweb-enabled risk management system

designed to enable users to create and assess risks based on their chosenmethodology. It uts the power ofconfiguration in the hands of usersthrough the use of innovativetechnology. Cura is used by Global1,000 enterprises including Vodafone,Coca-Cola, Allianz, Dubai Holdings,BHP Billiton, MTN and over 200organisations worldwide. Cura alsopartners with consulting firms infocused areas of risk and compliance. Itis ranked as a Magic Quadrant Vendorand visionary by Gartner Research andas a leader in the GRC domain byForrester Research. Cura facilitates themanagement of ERM, ORM, financialcontrols, project risk and risk maturity,Basel II, Solvency II and supportsmultiple frameworks (ISO 31000, CobiT,ISO 27000, COSO). Cura also supportsPCI DSS compliance initiatives. CuraSoftware Solutions has offices in London(UK, Europe and Middle EastHeadquarters), Boston, Johannesburg,Sydney and Melbourne, Singapore andHyderabad.www.curasoftware.com

EASYRISK MANAGER

EasyRisk Manager is a web-based toolthat supports risk management activitiesinternally and externally. The softwareprovides a clear picture of threats in thevalue chain and enables companies totake action before an incident escalatesinto a crisis. Based on more than 18years of methodology, research andinsight from other risk managementtools, the software provides a highlycustomisable interface without the needfor extensive consultancy services. Userscan set up specific risk categorisationschemas for process and ISO standards,according to individual needs. Bycapturing every change and incident ina central location, users can alsoperform rapid performance reviews,follow up on risk groups, check actionsand results, and easily maintain riskprofiles. The product will also produce


Active Risk Manager (ARM) is recognized as having "the most extensive range of ERM capabilities currently available". We'd love to discuss how ARM can meet your own

project, program, ERM and GRC needs – contact us at [email protected].

* Risk Management Awards in association with the IRM, November 2010

Find out why Active Risk Manager was voted "Risk Management Application of the Year"*

www.strategicthought.com

Enterprise-wide Governance Risk & Compliance

Active Risk Manager

CIR Magazine - Full Page Ad (resized to A4).indd 1 16/12/2010 16:14

www.cirmagazine.com


CIR December 201036

reports to check the current risk statusand statistics to show the developmentover time. EasyRisk Manager alsoprovides automated alerts about notableincidents requiring immediate action.More than 5,000 users spanningindustries such as oil and gas, banking,telecoms, transportation, finance andfood are using the solution in order toreveal pressing issues, prioritiseresources and manage risk.www.easyrisk.no

FIGTREE RMISUsing Figtree’s workflow automation,document management, reporting andweb-based data capture, users canincrease productivity, lower costs andimprove their service to their owncustomers. Figtree’s risk managementproduct offerings include extensivefeatures to capture and review risks, and assign controls and actions thatmitigate or reduce their impact atvarious organisational levels. It providesautomated notifications, as well ascapturing all costs associated with aparticular risk. Graphical risk matricesprovide an instant snapshot of riskprofile, along with the ability to drilldown to the actual risks. Figtreeprovides software solutions to localauthorities, central government, policeforces, insurers, brokers, TPAs, utilities,transportation and constructioncompanies. www.figtreesystems.com

JCAD LACHS

JCAD LACHS is a robust and costeffective technology solution for themore efficient management of claimsand incidents. It stores all claim relateddata enabling analysis of cause andblame for risk management purposes.The application uses Crystal Reports to produce a wide range of insurancereports. These can be tailored to eachorganisation so that MI can be easilyand simply extracted. JCAD LACHS is

used in the UK by local government,housing associations, and by the fireand police services. It is also in use bycommercial organisations for instancewithin construction, facilitiesmanagement. JCAD provide consultancyto prototype the database, migratehistoric data and onsite training for keyinsurance personnel.www.jcad.com

JCAD RISK

JCAD RISK is a web-based enterpriserisk management software applicationthat is cost effective yet feature rich. Itmanages risk by enabling the storage ofrisks/controls/ supporting documents ina central repository accessiblethroughout the enterprise. Risk isassessed using a customprobability/impact grid. This numericprofile or equivalent ‘rag rating’ is thenused in all reports to illustrate riskperformance. The application usesCrystal Reports as well as an on linetool which enables different views ofrisk to be shown, in essence exceptionreports. The system aids and supportsSolvency II, corporate governance andbusiness continuity. JCAD providesconsultancy to customise the RISKapplication and onsite training for thecore risk practitioners. They also offerupload of existing risks and hostingservices. JCAD RISK is used in the UK,US and in some parts of Europe mostlyin local government, housingassociations as well as in banking andacademia.www.jcad.com

KEANE SCORE Keane Score measures, manages andmonitors risk and compliance processesand internal audits. Used predominantlyin financial service organisations, itworks via dynamic profiling based uponassociating self assessment, variablecapital impacts, controls results andstatuses to risk registers. With Keane

Score, users can benchmark data forcontrols, risk profiling, capital impacts,self assessment scores and BIA. Trainingfor administrators usually takes abouttwo days. Users can be trained in aboutan hour. Keane Score is a processmanagement platform. Content insystem is customisable, so the limitationsof types of compliance are bound onlyby the adopter’s limitations on contentrequirement. An important feature ofthis software is its multiple simultaneousdistribution of interactive processes andhub and spoke command and controlinfrastructure.www.keanebrms.com

KNOWRISKKnowRisk is used as a safetymanagement system in a number of blue-chip corporates who haveembraced ERM. KnowRisk enablescorporations from a range of industriesincluding mining, construction, financeand insurance and energy to addressdifferent risks strategies includingbusiness risks, business continuityplanning, project risks, reputation,safety, security, compliance andinsurance under one common platform.A suite of products exist to cater forsmaller operations to corporations with global operations, serving all levels from board to executives to staff.www.corprofit.com

MEGA SUITE

MEGA Suite is the foundation for a complete set of integrated GRCsolutions for risk managers, compliancemanagers, internal control and audit. It integrates global GRC across silos,based on common GRC processunderstanding. The product providescomplete risk modelling via risk eventdata entry, risk modelling, statisticalCAR calculation, risk evaluation,integration with external databases andpredefined risk models. MEGA Suite


www.cirmagazine.com



provides a powerful integrated riskengine for basic and advanced riskquantification, based on statisticalcalculation and Bayesian calculation tocombine quantitative and qualitativerisk evaluation approaches. Mega Suiteis used to address SOX, EuroSox, 262,LSF, Basel II, ISO, COBIT. This productships with a complete set of predefinedGRC reports and dashboards. End userscan easily create and customise theirown. Most customers ask Mega toanimate workshops to ease platformadoption with users and managers. The flexible nature of the Suite makeseasy work of multi-compliance issues.The product is distributed worldwide by MEGA subsidiaries and distributors.www.mega.com

METHODWAREERA from Methodware is a completeGRC software solution giving clientsownership of their risk assessment,regulatory compliance, corporategovernance and internal audit processesand data. ERA features personaliseddashboards, workflows and reporting –users can balance qualitative andquantitative approaches to riskmanagement, track loss event activityand KRIs and identify opportunities.This product is suitable for all kinds oforganisations, from insurers facing newregulation to utilities wrestling withmultiple risk and audit platforms.Almost 2,000 clients in 80 countriesutilise the Methodware solution.www.methodware.com

METRICSTREAM

The MetricStream solution supports riskassessment and computations based onconfigurable scoring methodologies,criteria and algorithms. The systemallows for user-defined risk criteria and scoring methodology to be definedat any level of the organisation forcalculation of inherent risk, residual riskand related risk tolerance. It provides arobust and scalable infrastructure that

offer powerful core services andcapabilities such as workflows,configurable forms, collaboration, real-time exception tracking, email alertsand notifications, integration, reports,executive dashboards, businessintelligence, analytics, and secureaccess control. The solution includes a strategic usability framework based on web 2.0 technologies that has anintuitive structure. MetricStreamprovides strong integration betweencorporate reporting, strategy, andperformance management with risk andcompliance through powerful tools forperformance monitoring and decisionsupport such as balanced scorecardsand risk heat maps. It also offerspowerful capabilities to provide themost up to date information on riskmanagement through multiple channelsbuilt into the platforms such as externalloss data and regulatory alerts.Application forms, fields and workflowscan be created and modified to matchspecific business processes,terminology, and rules without anyprogramming or code change.www.metricstream.com

MIMS RMMIMS RM is a comprehensive web-based application allowing riskmanagement benefits to be gainedthroughout an organisation and its key partners. It deploys a single riskregister with an aggregated risk matrixthat is overlaid by a range of filterswhich, when set, allow drill down and reporting. The system is primarilyobjectives-driven, compares risk toappetite (adjusted for differentorganisational levels) and, inter-alia,records control measures, attachesdocumentation and provides emailalerts when actions become due. Each risk can be further assessed for itsimpact on key process continuity and an audit feature is included to assurethat control measures are effective. www.stewart-software.co.uk

MKACUITYMKacuity is a fully web-enabled riskmanagement system designed to enable

users to create and assess risks basedon their own chosen methodology. Therange of information that can beattributed to an individual risk is diverseand fully user definable. In addition,users can record controls, proposedcontrols and actions associated witheach risk. As a .Net applicationMKacuity allows the management ofuser privileges and access rights acrossthe entire system. The product alsocomes with a comprehensive set ofalerts to keep users and risk ownersaware of outstanding risk assessmentsand actions. MKacuity includescomprehensive processes for all riskcreation and approval processes alongwith detailed reporting capabilities inwhich the user can specify and filter awhole array of different reports whichcan then be exported to Word, Excel,Adobe PDF, html, .csv and text files.www.mkacuity.com

OPTIALOptial offers a platform for managingkey business assurance activities – moreefficiently and more effectively. Theproduct is web-based and modular,providing a rapid delivery, low-costdeployment and low maintenancesolution, while supporting fullenterprise-wide scalability. It allowsorganisations to better manage theiroperational risk, control andcompliance activities in response to a wide range of industry specificregulatory and governancerequirements. Optial is used across suchsectors as banking, insurance and assetmanagement, as well as in energy andpharmaceuticals.www.optial.com

PENTANA

Risk management professionals usePentana software for such daily riskactivities as maintaining risk registers,performing risk reviews and managingrisk reduction activities. Specific


www.cirmagazine.com


CIR December 201038

benefits of the software include built-inrisk assessment scheduling; the abilityto track risk reduction activities andreport on progress; risk register andmaintenance tools and automaticallygenerated risk reporting. Pentana’sclients span the public and privatesectors in industries worldwide.Customer support is available throughits UK headquarters, US and Australiansubsidiaries and registered resellers inmany other countries. www.pentana.com

PREDICT!Predict! Risk Analyser & Predict! RiskController from Risk Decisions are web-based integrated ERM solutions thathelp identify, prioritise, manage andmitigate risks, providing an effectiveframework to establish the right balanceof strategic, programme, project,functional or operational risk andreward. A Monte Carlo simulationengine calculates the cumulative effect of cost or schedule uncertainty on business and project plandeliverables, and allows ‘what if’scenario modelling. Bespoke simulationmodels can also be built within afamiliar spreadsheet environment.Predict! is deployed throughout theconstruction, infrastructure, defence,transport, aviation and energy industriesas well as within government agencies.It is user configurable to meet thecompliance requirements of constantlyevolving global risk standards includingSOX, Turnbull and Basel II. Thesoftware also meets the requirements ofISO 31000, PMI, PRAM and OGC andprovides a single, holistic view of riskacross the entire business.www.riskdecisions.com

TEN RISK MANAGERTen delivers a cost effective end-to-endflexible risk management framework tohelp organisations identify risks; assesspotential risk impacts; determineacceptable levels of exposure andmanage controls for addressing theseimpacts. The system provides anintuitive web-based environment to

collate, analyse and communicate riskinformation. Risk is quantified using acombination of a simple traffic lightsystem and a user configurable scoringsystem for both risk assessments and thecontrols put in place to mitigate therisks. Reports are produced on demandto provide accurate, up to dateinformation to support the decisionmaking process and utilise both familiartabular style reports and graphicalcharts to show trend analysis. Furtheranalysis is provided by a combination ofscorecards and dashboards the contentof which is configured by the user. Tenis widely used in both the public andprivate sectors. Existing customers comefrom areas including banking, financialservices, government agencies and themanufacturing industry.www.hiteclabs.com

THESISTHESIS uses the BowTie concept to assist the user in undertakingsimplified, yet integrated risk analysisand management across its wholebusiness portfolio. The THESIS BowTiemethodology is highly visual, allowingthe management process andinterlinking of control elements to be readily understood across all levelsof the business. The structured processallows the user to identify each hazard,consequence, controls (barriers) andescalation factors. It then identifies the critical tasks in order to maintainthese control measures and assignsresponsibility to appropriate individuals.THESIS software can be used both as anERM and business continuity tool. Itprovides a powerful means ofdemonstrating compliance to top levelmanagement, regulatory bodies andlegislators, principle investors and to thepublic, while simultaneously serving as an invaluable channel forcommunicating to the workforce critical procedures and individualresponsibilities. BowTies can be createdto encapsulate many risks and hazardsfacing the modern business includinghealth, safety, environmental, businessand security. The software is usedworldwide in a multitude of industries,including but not exclusively, oil and

gas, power generation, petrochemical,pharmaceutical, aviation, shipping andlogistics, IT and public sector. THESIS5.5 is available as a standalone productor as a fully web-based tool for servinglarger multi-site clients. www.absconsulting.com

WEBRISKCompletely web-based, WebRiskrequires no third party software to runand is generally delivered hosted on an unlimited user basis. WebRisk ismodular and encompasses renewal datagathering, insurable and non-insurablerisk identification, evaluation andcontrol, policy management andincident/claims management. Thisproduct also features an ad hoc report writer and a comprehensive suiteof tailorable reports. WebRisk iscommonly used as a risk portal acrossthe enterprise, providing local managerswith information as well as gatheringrisk profile information and incidentnotification. www.effisoft.com

WELCOMRISKDeltek WelcomRisk provides astructured means of identifying,responding to, and reporting projectrisks. All identified risks are centrallylogged and are typically associated with different elements of a project ororganisational structure. The productaims to simplify identification,management and response to risks,whether threats or opportunities. Risks are identified, categorised, and quantified using a comprehensiverisk register. The ability to export realrisk to a Monte Carlo analytics systemenhances the quantitative risk analysis.Users can compare the cost of the riskwith the cost of mitigation action andalso capture mitigation options. DeltekWelcomRisk supports PMI PMBoK, US DOD 5000 and AS/NZS 4360:2004.The software is used globally in the aerospace and defence,healthcare, IT, construction, and oil and gas industries.www.deltek.co.uk


VENDOR OPINION PIECE

Risk convergence is the process of integrating different risk functions to

streamline risk management. Bringing all risk and opportunity

information together means better informed strategic decision-making.

But how close are we to the meeting the goal of risk convergence?

The reality of the past

In recent years risk management, regulatory and compliance

requirements have become increasingly complex and intrusive. This has

resulted in the growth of an ad-hoc approach to risk management.

Multiple ‘risk silos’ have evolved resulting in:● Senior management receiving multiple risk reports which do

not provide an enterprise view of risk and opportunity. ● Multiple requests for similar risk information from different

risk functions and for different purposes (Internal Audit, Risk,

Compliance, HSE) resulting in ‘risk fatigue’. ● Risk management is seen as being handled by ‘someone else’

not as an integral part of everyone’s job. ● Risk data is being stored in multiple places and in different

formats eg complex spreadsheets, online and paper

documents, databases, in-house and third party specialist risk

software. Resulting in information falling through the cracks

and decision makers missing the big picture.

Now is the time to take an enterprise approach to risk

The rising costs, lack of visible returns and the exposure of the

board caused by gaps in risk information, has seen an increasing need for

a re-think on risk, this time with an enterprise approach from the outset.

A common risk framework and single risk management software system

such as Active Risk Manager from Strategic Thought will make risk

convergence much simpler to achieve.

What benefits will risk convergence deliver?

Converging risk management into an enterprise-wide framework will

provide a platform to deliver the true picture of risk to the Board and

offers scope for significant cost savings.

Other benefits which organisations have reported include:

● More complete, better quality risk management information is

available more quickly to drive better decision making at all

levels – with drill-down into underlying detail● Clear, streamlined risk processes and procedures are both cost

and time efficient● All risk functions, committees and teams can be aligned and

given clear mandates and scope● Co-ordinated and effective use of human, financial and IT

resources with reduced duplication of effort● Risk management changes from being seen as a cost and a

chore, to a strategic tool to improve business performance and

increase certainty

● Enhanced engagement and ownership from business users

who are less deterred by the perceived burden of their risk

responsibilities● Improved communication across risk functions allows sharing of

best practice, identification of opportunities for enhancements/

efficiencies and support for common risk objectives

Strategic risks in the context of corporate risks and strategies

The biggest gains from risk convergence will be seen when information

collected bottom-up through the organisation is visible at senior

management levels and can be reassessed in the context of corporate

objectives and strategic risks identified by the board.

The ability to see the bigger picture allows the board to spot emerging

risks which could have major impacts on business performance,

corporate reputation and shareholder value. For example, risks rated as

low impact or mitigated in a certain way at lower levels of the

organisation can become business critical when seen in context of risks

from other areas, clashing demands on scarce resources or set against

strategic objectives. Taking the enterprise view will allow management to

make informed strategic decisions.

Risk convergence can now be a reality when enabled by an enterprise-

wide risk management system and process. Aiming for risk convergence

in the right way will benefit every organisation and give the board more

confidence that they are making the right decisions for the right reasons.

Emma Price, Director, Risk Advisory, Strategic Thought Group

Risk Convergence: Myth or Reality?

Ten proven steps to achieve risk convergence

1. Identify the business case for change prior to the start of the

convergence project

2. Name an executive level sponsor to drive the convergence initiative

3. Communicate regularly and consult at all stages with key

stakeholders

4. Set and communicate the risk appetite deemed appropriate for the

business and do not underestimate the change management and

training necessary to embed the resulting 'risk culture' which is

required at all levels of the business

5. Develop a clear map to address overlaps and gaps in the mandates

and scope of the existing risk functions and systems

6. Develop an organisation-wide risk and control process which

includes a common risk language

7. Document revised governance processes

8. Establish a central repository where all risk information is stored

with a common data structure

9. Establish a ‘community of practice’ to ensure effective

communication with regards to risk to share lessons learned and

best practice

10. Implement a process of continuous review and monitoring

strategicThought_advertorial.qxd 15/12/2010 18:12 Page 1

General

Full process analysis hierarchy

Full process escalation hierarchy

Objectives hierarchy

Asset hierarchy

Financial accounts hierarchy

Expand and collapse hierarchy

Risk assessment / analyses

Audit findings / trail / log

Scalable and tested to 100 users

Scalable and tested to 1,000 users

Scalable and tested to 10,000 users

Automatic alerts

Risk identification

Knowledge base

Issues, losses and risks

Custom IDs

Risk description

Risk estimation

Risk categorisation

Risk treatment

Risk register

Risk quantification

Risk comments

Linked documents

Loss and accident identification

Linking losses to risk

Multiple risk types

Risk linkage

Risk review process

Risk approval

Risk surveys

Control surveys

Risk assessment

Risk matrix

Impact categories

Scoring schemes

Qualitative assessment

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

CS S

TARS

Active

Risk

Man

ager

Acuity

STR

EAM

Integ

rated

Risk

Man

ager

Agena

RiskAgi

lianc

e Risk

Visio

n

Aon R

iskCon

sole

@ris

kBa

rnO

wlCiti

cus O

NECur

a Ente

rpris

e GRC

Platf

orm

Easy

Risk M

anag

er

Figt

ree R

MIS

JCAD L

ACHS

JCAD R

ISK

Keane

Sco

reKno

wRiskM

EGA S

uite

Meth

odwar

eM

etricS

tream

MIM

S RM

MKac

uity

Opt

ialPe

ntana

Pred

ict!

Ten R

isk M

anag

er

Thes

isW

ebRisk

Welc

omRisk

www.cirmagazine.com

RISK MANAGEMENT SOFTWARE SUPPLEMENT > PRODUCT FEATURES

CIR December 201040

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

40-43 matrix_2011.qxd 22/12/2010 09:49 Page 1

Quantitative assessment

Gross, Residual, Target

Opportunity

Frequency

Financial years modelling

Multiple risk impacts for single risks

ROI

Escalation

Risk mitigation

Control type

Control description

Control status

Control assessment – qualitative

and quantitative

Control effectiveness

Evaluation

Testing

Actions

Fallback

Plan

Waterfall charts

Provision management

Plans linked to multiple risks

Linked actions to multiple plans

Analysis & reporting

Multiple application reporting

Standard reporting

Aggregated risk matrix

Probability impact diagram

Monte Carlo simulation – cost

Monte Carlo simulation – schedule

Sensitivity analysis

Provision management

Drill-down interactive reports

Schedules reporting

Data driven reporting

Report delivery

Risk adjusted balanced score cards

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

CS S

TARS

Active

Risk

Man

ager

Acuity

STR

EAM

Integ

rated

Risk

Man

ager

Agena

RiskAgi

lianc

e Risk

Visio

n

Aon R

iskCon

sole

@ris

kBa

rnO

wlCiti

cus O

NECur

a Ente

rpris

e GRC

Platf

orm

Easy

Risk M

anag

er

Figt

ree R

MIS

JCAD L

ACHS

JCAD R

ISK

Keane

Sco

reKno

wRiskM

EGA S

uite

Meth

odwar

eM

etricS

tream

MIM

S RM

MKac

uity

Opt

ialPe

ntana

Pred

ict!

Ten R

isk M

anag

er

Thes

isW

ebRisk

Welc

omRisk

www.cirmagazine.com



●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

40-43 matrix_2011.qxd 22/12/2010 09:49 Page 2

Risk adjusted GANT chart

Bayesian analysis

Functionality & administration

Context sensitive help

Screen customisation

Interactive charts

Search and filter

Personal filters

Public filters

Group filters

Roll-forward capability

Multi currency

Multi language

Multi-language support

Templates

Security

User role-based security

User group-based security

Business activity and project access

Folder-specific security

Integrated project access security

User security clearance

Technical compatibility

Web application

Web service API

Synchronisation with active directory

Intergration with MS Office

Intergration with enterprise

reporting systems

Integration with collaboration tools

Ability to install software on user’s own IT

infrastructure

Support for offline working and

synchronisation

Hosted option / SaaS

European hosting

Modular installation

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

CS S

TARS

Active

Risk

Man

ager

Acuity

STR

EAM

Integ

rated

Risk

Man

ager

Agena

RiskAgi

lianc

e Risk

Visio

n

Aon R

iskCon

sole

@ris

kBa

rnO

wlCiti

cus O

NECur

a Ente

rpris

e GRC

Platf

orm

Easy

Risk M

anag

er

Figt

ree R

MIS

JCAD L

ACHS

JCAD R

ISK

Keane

Sco

reKno

wRiskM

EGA S

uite

Meth

odwar

eM

etricS

tream

MIM

S RM

MKac

uity

Opt

ialPe

ntana

Pred

ict!

Ten R

isk M

anag

er

Thes

isW

ebRisk

Welc

omRisk

www.cirmagazine.com


CIR December 2010

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

42

40-43 matrix_2011.qxd 22/12/2010 12:19 Page 3

Access by stakeholders to risk data

Incident & claims management

Web based incident reporting

Ability to convert incidents to claims

Automated incident investigation

and escalation

Full claims administration

Integrated standard letter functionality

(MS Word)

RIDDOR / CRU1 reporting

External claims benchmarking

Data conversion and consolidation services

Dashboards for tracking claims metrics and KPIs

Policy and premium management and

premium allocation

Policy program functionality

Policy erosion

Allocation of premiums based on exposure

values and claims

Capture of premium information

Tracking of covered locations and perils

Renewal data

Customisable renewal questionnaires

Automated data validation against previously

submitted values

Automatic reminders for unsubmitted values

Predefined report templates for renewal

data consolidation

Asset and fleet management

Geospatial analytics

Integration with geospatial analytics

Incorporates external events

Automatic alerts based on the proximity and

severity of external events to your locations

Integration with business intelligence

reporting tools

●

●

●

● ● ●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

● ● ●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

● ●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

● ●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

CS S

TARS

Active

Risk

Man

ager

Acuity

STR

EAM

Integ

rated

Risk

Man

ager

Agena

RiskAgi

lianc

e Risk

Visio

n

Aon R

iskCon

sole

@ris

kBa

rnO

wlCiti

cus O

NECur

a Ente

rpris

e GRC

Platf

orm

Easy

Risk M

anag

er

Figt

ree R

MIS

JCAD L

ACHS

JCAD R

ISK

Keane

Sco

reKno

wRiskM

EGA S

uite

Meth

odwar

eM

etricS

tream

MIM

S RM

MKac

uity

Opt

ialPe

ntana

Pred

ict!

Ten R

isk M

anag

er

Thes

isW

ebRisk

Welc

omRisk

www.cirmagazine.com



●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

●

40-43 matrix_2011.qxd 22/12/2010 09:49 Page 4

RISK MANAGEMENT SOFTWARE SUPPLEMENT > SUPPLIER DIRECTORY

Aon eSolutions10 Devonshire SquareLondon, EC2M 4PL

Contact Craig Torgius on +44 (0)20 7086 0149

or [email protected] or visit

www.aon-esolutions.com/CIR for further information.

Offered by Aon eSolutions, Aon RiskConsole is an award-winning, web-based risk management information system (RMIS) that uses risk,exposure, claim and policy data to provide CFOs, CROs and risk managers with an integrated enterprise-wide view of their risk.

RiskConsole was the industry's first online RMIS and still leads the way today. Over 300 global firms from a vast spectrum of industriesacross the world now trust RiskConsole to maintain a wide variety of risk and insurance information.

Following careful consultation, the fully-flexible solution is adapted to seamlessly integrate with client-specific workflows from across theentire business, as well as with third parties such as insurers, claims adjusters, captive managers and solicitors, giving a 360° risk picture.

By accommodating the administrative, reporting and analytical needs of insurance and risk management operations, clients use their dataand reports to drive down costs through savings achieved through greater loss prevention, improved workflow efficiencies and lowerinsurance premiums. Ultimately, RiskConsole helps clients understand and lower Total Cost of Risk.

CS STARS LLC Tower Place, London EC3R 5BU Tel: 020 7357 3149 Fax: 020 7357 1643 Email: [email protected] Web: www.csstars.com Contact: Andrew Duttine

CS STARS delivers industry-leading software and services for managing risk, claims, and insurance. More than 1,000 organisations acrossthe globe rely on CS STARS' solutions for consolidating risk information, analyzing and reporting risk exposures, administering claims,tracking corporate assets, and automating compliance audit processes.

Our comprehensive, web-based solutions include:

Data Transformation Services - Consolidate risk and claims information into a single, comprehensive data repository. Event Management Tools - Manage risk-related events based on individual business requirements and industry best practices. Workflow Automation - Automate routine tasks and alert users of events warranting special attention. Values Collection - Collect asset values to support insurance policy renewal discussions. Risk and Compliance Assessment - Measure and monitor compliance with loss prevention guidelines and safety and healthregulations. Reporting and Analytics - Create dashboards, risk maps and sophisticated reports that can be easily shared throughout an organisation.

Phil WaldenJC Applications Development LtdManor barn, Hawkley Rd, Liss, Hampshire, GU33 6JS

Tel: 01730 712020Fax: 01730 712030Email:[email protected](JCAD are an ISO9001 accredited company)

At JC Applications Development Ltd we believe that our commitment to providing simple to use yet feature rich applications for claimsand risk management, is what has enabled us to grow a successful and satisfied client base of over 160 organisations. Although ourclients can occupy very different sectors of business, for instance; UK Central & Local Government, US Government, HousingAssociations, Construction and Insurance, sentiments converge when looking for a proven technology solution provider.

Unlike other companies we don’t profess to be experts in a range of disciplines just the best in two, claims handling and riskmanagement. Don’t just take our word for it, in our last customer survey 100% of respondents said that they would recommend usand 98% rated our support services as either good or excellent.

If you want to improve your claims handling process and reap the benefits of reduced costs and fewer claims or if you wish to easilyembed risk management throughout your organisation, then we look forward to talking with you.

Active Risk ManagerStrategic Thought Group plc,1, Grenfell Road,Maidenhead,Berks SL6 1HN

Tel: 01628 582500Fax: 01628 582600Email: [email protected]: www.strategicthought.com

Active Risk Manager (ARM) from Strategic Thought Group was awarded 'Risk Management Application of the Year'.From project and program risk through to full Enterprise Risk Management, ARM software uniquely delivers anintegrated approach to identifying, documenting, mitigating, monitoring and analyzing both risks andopportunities. Using ARM can enable business performance improvements and make risk-adjusted businessplanning a reality.

ARM has the breadth and depth of capability to support organizations' risk management processes as they matureand evolve over time. Whether your start point is project risk, business continuity, bid management, reputationalrisk, insurance efficiency, supply chain resilience, health and safety or improving your credit rating, ARM is the'risk engine' which will deliver value at each step along your journey. ARM aids compliance with project,operational and enterprise-wide guidelines. The effective management of risks and opportunities through ARMenables companies to meet corporate governance requirements and standards such as ISO 31000 and Solvency II,while balancing the risk/reward mix to maximise the return on opportunities.

Strategic Thought was founded in 1987 and has main offices in the UK and US. Active Risk Manager is used bymajor organizations around the globe including Rio Tinto, Lockheed Martin, US Air Force, NASA, LondonUnderground, Raytheon and SABIC.

Cura Software SolutionsSuite 125Berkeley Square House1 Berkeley SquareLondonW1J 6BDwww.curasoftware.comTelephone: +44 (0) 207 887 1595

Cura provides smarter software solutions designed to enable businesses worldwide to meet their Governance, Enterprise RiskManagement and Compliance requirements. Cura does this through fast implementation, easier configurability, and trueenterprise architecture. Cura is a fully web-enabled risk management system designed to enable users to create and assessrisks based on their chosen methodology and puts the power of configuration in the hands of our customers through the use ofinnovative technology.

Cura is used by Global 1000 enterprises such as Vodafone, Coca Cola, Allianz, Dubai Holdings, BHP Billiton, MTN and over200 organizations worldwide. Cura also partner consulting firms in focused areas of risk and compliance. Cura is ranked as aMagic Quadrant Vendor and visionary by Gartner Research and as a leader in the GRC domain by Forrester Research.

Cura facilitates the management of ERM, ORM, Financial Controls, Project Risk and Risk Maturity, Basel II, Solvency II andsupports Multiple Frameworks (ISO 31000, CobiT, ISO27000, COSO).

Cura also supports PCI DSS compliance initiatives.

Cura Software Solutions has offices in London (UK, Europe and Middle East Headquarters), Boston, Johannesburg, Sydneyand Melbourne, Singapore and Hyderabad.

RMS_supplier_directory.qxd 22/12/2010 18:10 Page 1

RISK MANAGEMENT SOFTWARE SUPPLEMENT > SUPPLIER DIRECTORY

Palisade Corporation develops and provides software, training and consultancy services for risk and decision analysis.Founded in 1984, Palisade's products include @RISK, PrecisionTree, and the DecisionTools Suite. Palisade softwareadds-in to Microsoft Excel and provides decision makers with techniques such as Monte Carlo simulation, geneticoptimisation, decision trees and neural networks in a familiar and intuitive environment.

Currently 93% of today’s Fortune 100 use Palisade software solutions in industries ranging from finance, oil & gas, andinsurance through to construction, government, and healthcare. The DecisionTools Suite is included in many of today’sleading MBA textbooks and is taught to more than 40,000 students annually.

Palisade’s Training and Consulting Department offers customised, on-site training classes in addition to web training,regional seminars and consultancy services.

Palisade also run a series of international events that educate professionals, in all fields, about new and innovativeapproaches and methodologies to risk and decision analysis in different industry sectors.

Visit www.palisade.com or email [email protected] to learn more.

Palisade31 The GreenWest DraytonMiddlesexUB7 7PNUK

Tel: +44 1895 425050Fax: +44 1895 425051www.palisade.com

PentanaTel: +44 (0) 1707 373335 (Europe)Fax: +44 (0) 1707 372992 (Europe)Tel: 800-350-8034 (US)email: [email protected]

Pentana Ltd was established in 1992 and since then our team of commercially experienced risk, audit andcompliance experts have driven Pentana software development.

Successful risk management professionals are actively using Pentana software for their daily risk activities such asmaintaining risk registers, performing risk reviews and managing risk reduction activities. Specific benefits of thesoftware include; built in risk assessment scheduling, the ability to track risk reduction activities and report onprogress, risk register maintenance tools and automatic generation of risk reports for the board.

Pentana's clients span both public and private sectors in industries across a truly global arena. Internationalpresence and customer support is provided by our UK headquarters, US and Australian subsidies and resellers inmany other countries.

MEGA International Ltd.Argentum, 2 Queen Caroline StreetHammersmith, London W6 9DXUnited KingdomPhone: +44 (0) 208 323 8033Fax: +44 (0) 208 323 8312Email: [email protected]: www.mega.com/uk

MEGA is a worldwide industry innovator in comprehensive governance, risk, and compliance solutions, dedicated to helpingcompanies understand and reduce business complexity, establish successful governance, and effectively manage global risks.

MEGA's software solutions, complemented by expert consultants, provide firms with the most important competitive advantages… cost reduction, increased capital savings, improved performance, and brand reputation.

In the GRC industry, only MEGA has nearly 20 years of expertise in business process improvement providing the soundestfoundation for highly efficient and effective GRC solutions for operational and enterprise risk management, internal audit, andcompliance management.

Used by more than 75,000 people worldwide, the MEGA Suite is modular, providing dedicated tools to help coordinate risk,control, compliance, and audit activities and meet all stakeholders' needs. The MEGA Suite provides insight into a company'srisk profile, and generates valuable reports to aid executives in making well-informed and strategic business decisions.

For more information, contact us.

MetricStream, Inc. 2600 E. Bayshore RoadPalo Alto, CA 94303Phone: 650-620-2955 Fax: 650-632-1953 Email: [email protected]

MetricStream is the market leader in providing risk management solutions to large global organizations across different verticalsincluding Banks and Financial Services, Insurance, Energy, Utilities, Healthcare, Life-Sciences, Government and others.

The solution includes integrated functionality for documenting risks, defining controls, managing assessments, identifying issuesand implementing remediation plans that is based on industry specific standard frameworks, best practices workflows, powerfulanalytics and embedded risk-control libraries. The solution provides a multi-dimensional approach for managing risk throughadvanced risk & control assessments, real-time risk intelligence metrics (KRI), a centralized loss database and integrated issuetracking supported by built-in risk analytics and reporting functionality.

The risk management solution is based on the industry leading Enterprise GRC platform that has been categorized in theleadership quadrant by leading independent industry analysts. In addition to the risk management, the platform also providescomprehensive solutions for Internal Audits, Regulatory Compliance, Policy Management, Issue Management, SupplierGovernance, Corrective & Preventive Action and IT Risk & Compliance Management.

Headquartered in Palo Alto, CA, MetricStream has offices across US, Europe and Asia Pacific region.

The definitive guide to products and services for the

professional risk, insurance and continuity buyer

For further information on promoting your company call Murray Barber 020 7562 2434 or email [email protected]

RMS_supplier_directory.qxd 22/12/2010 15:45 Page 2

Serving more than 1,000 organisations worldwide, CS STARS meets the technology needs of risk management professionals, as well as insurance carriers and third-party administrators – delivering integrated software and services for risk, claims and compliance management.

Learn about how CS STARS can empower your organisation at www.csstars.com/innovation.

Leadership,Knowledge,Solutions...Worldwide.

We simplify the job of managing risk.

Leadership, Knowledge, Solutions Worldwide. · Over the last year, 7 out of 10 companies selected...

Documents

Transcript of Leadership, Knowledge, Solutions Worldwide. · Over the last year, 7 out of 10 companies selected...