Applications for Governance, Risk and Compliance (GRC) and Applications for Performance Management
Proactively identify, analyze, respond to, and monitor risk across your area of responsibility.
http://www.sap.com/solutions/grc/riskmanagement
Business Processes
Risk Planning
Risk scenarios can be defined which include several risks for
“what-if” planning. By changing the assumptions which drive the
analysis of the risks, you can determine the aggregate impact of
the different risk scenarios.
Risk Identification and Analysis
For each organisation/critical infrastructure/key asset, key activities are documented, along with the key risks to those activities. Activities are described in terms of customizable categories, assumptions, and owner. An assessment frequency is set for each activity. Risks are described in terms of customizable categories, cause and consequence, indicator, owner, and comment. Risks are evaluated in terms of probability, impact and total loss. Both qualitative and quantitative methods are possible. The risk assessment is done both before and after a response. Based on end user input, expected loss is calculated.
Risk Response
Multiple responses can be documented for a single risk. The
responses are characterized by customizable type, cost, owner, and
status.
Risk Monitoring
Each grouping of risks needs to be updated at a certain point in
time, based on the priority of the activity and the decision of the
activity owner. When this timeframe is reached, a workflow
is triggered prompting the risk owner to update the analysis values.
Online reports highlighting the aggregated expected and total loss
for an activity or org unit are available.