Maintaining Response

Let’s return to our master data flow. As shown in the preceding graphic, we are at the final stage of the flow: Set Up Risk Response. Let’s see how this is done at CRG International Inc.

As Sam documented the risk and aware of potential risk, he then decided to document a response plan which will be used during Risk assessment. He declares that some risk response measures are generic or common across many risks and are applicable in many parts of the business.

Maintaining a Responses Catalog allows the organization to reuse successful risk responses across different risks and different parts of the business. This technique promotes adherence to risk policy and facilitates learning.

The Responses and Enhancement Plans Catalog is the master data table. This is where standard responses and standard enhancement plans are maintained. Risk owners can browse the Responses and Enhancement Plans catalog to select from a list of standard responses or enhancements applicable to their risk or opportunity from the master data table.

CRG International, Inc. decided to create the Response "Automate the creation of reports". Sam, as Risk Owner, creates the Response "Automate the creation of reports" in SAP Risk Management. Let’s discover how he does this in the following exercise.

After setting up all necessary master data objects, we perform the master data assignments.

1. Assign corporate and organization roles.
2. Assign Risk Roles.
3. Assign Response Owner.

This step is essential for defining user responsibilities, setting permissions, ensuring segregation of duties, facilitating accountability, and enhancing security within the system.

Nancy, as Risk Manager at CRG International, is assigned to this role at the beginning of the creation of CRG International, Inc. hierarchy.

Nancy assigns the following Roles for the organization "General Accounting":

The table shown above shows how Nancy assigns Roles at CRG International Inc.