Abstract: A system and method for assessing the risk associated with Outside Service Providers. A decision engine is provided to assess monitor and manage key issues around the risk management capabilities of the OSP. The system creates a core repository that manages, monitors and measures all OSP assessments across an institution (e.g., a corporation). The system and method employs automated questionnaires that require responses from the user (preferably the manager of the OSP relationship). The responses are tracked in order to evaluate the progress of the assessment and the status of the OSP with respect to compliance with the enterprise's requirements for OSPs. Once a questionnaire has been completed, the OSP can be given an overall rating of exposure to various forms of risk. Areas of risk can be acknowledged, prompting a sensitivity rating, such as severe, negligible and so forth.

Abstract: A system for tracking compliance to risk management policies for a given enterprise that provides risk status feedback on hierarchical managerial levels. The system notifies users of potential problems with non-compliance of enterprise policies set on a high level of enterprise management, and prompts the users to take steps to achieve compliance. The enterprise policies are designed to protect the enterprise from various forms of risk associated with enterprise activities. Accordingly, minimizing risk across enterprise operations, subdivisions, projects and applications produces an overall benefit of reduced liability or exposure to liability for the entire enterprise. A compliance status is provided by business groups at all levels of the enterprise, and consolidated for each management level to which the risk status is promoted.

Abstract: A system and method for assessing the risk associated with the protection of data privacy by software application. A decision engine is provided to assess monitor and manage key issues around the risk management of data privacy. The system creates a core repository that manages, monitors and measures the data privacy assessments of applications across an institution (e.g., a corporation). The system and method employs automated questionnaires that require responses from the user (preferably the manager responsible for the application). The responses are tracked in order to evaluate the progress of the assessment and the status of the applications with respect to compliance with the enterprise's data privacy policies and procedures as well as the regulations and laws of the jurisdictions in which the application is operated.

Abstract: A system and method for assessing the risk associated with the protection of data privacy by software application. A decision engine is provided to assess monitor and manage key issues around the risk management of data privacy. The system creates a core repository that manages, monitors and measures the data privacy assessments of applications across an institution (e.g., a corporation). The system and method employs automated questionnaires that require responses from the user (preferably the manager responsible for the application). The responses are tracked in order to evaluate the progress of the assessment and the status of the applications with respect to compliance with the enterprise's data privacy policies and procedures as well as the regulations and laws of the jurisdictions in which the application is operated.

Abstract: A system and method for assessing the risk associated with Outside Service Providers. A decision engine is provided to assess monitor and manage key issues around the risk management capabilities of the OSP. The system creates a core repository that manages, monitors and measures all OSP assessments across an institution (e.g., a corporation). The system and method employs automated questionnaires that require responses from the user (preferably the manager of the OSP relationship). The responses are tracked in order to evaluate the progress of the assessment and the status of the OSP with respect to compliance with the enterprise's requirements for OSPs. Once a questionnaire has been completed, the OSP can be given an overall rating of exposure to various forms of risk. Areas of risk can be acknowledged, prompting a sensitivity rating, such as severe, negligible and so forth.

Abstract: A system and method for assessing the risk associated with the protection of data privacy by software application. A decision engine is provided to assess monitor and manage key issues around the risk management of data privacy. The system creates a core repository that manages, monitors and measures the data privacy assessments of applications across an institution (e.g., a corporation). The system and method employs automated questionnaires that require responses from the user (preferably the manager responsible for the application). The responses are tracked in order to evaluate the progress of the assessment and the status of the applications with respect to compliance with the enterprise's data privacy policies and procedures as well as the regulations and laws of the jurisdictions in which the application is operated.

Abstract: A system for tracking compliance with policies related to management of risk for a given enterprise provides risk status feedback on a number of managerial levels. The system notifies users of potential problems with non-compliance of enterprise policies set on a high level of enterprise management, and prompts the users to take steps to achieve compliance. The enterprise policies are designed to protect the enterprise from various forms of risk associated with enterprise activities. Accordingly, minimizing risk across enterprise operations, subdivisions, projects and applications produces an overall benefit of reduced liability or exposure to liability for the entire enterprise. A compliance status is provided by business groups at all levels of the enterprise, and consolidated for each management level to which the risk status is promoted.