Enterprise Risk Platform

Sign in

Access your risk intelligence workspaces

Want to explore first? Try the demo — no account needed.
or
No account? Create one free
1
2

Workspace scope

Is this assessment for a specific department or the entire organisation?

Financial profile

Used to contextualise risk exposure and inform reporting.

OPS
Operations

JS
Manage workspaces
Sign out

Risk Intelligence Command™

Configure workspace below

Workspace Configuration

Financial Profile — Used in Scenario Modelling and Board Reports

Inherent vs Residual — By Severity

Count of risks in each severity band before and after controls

Risk Distribution by Domain

Share of register across risk categories

Inherent vs Residual Score — Top Risks

Highest-inherent risks and the reduction achieved through controls

Action Status Breakdown

Mitigation action progress across all linked risks

Mitigation Cost by Domain

Investment allocation across risk domains

Risk Status Overview

Current treatment status across the full register

Risk Register

Enterprise-wide risk log · up to 300 risks

0 selected
ID Description Root Cause Domain L I Score Severity Owner Mitigation Summary Status Mit. Due Date Residual Score & Rating Review Date Actions

Risk Heat Maps

Likelihood × Impact matrices — Inherent, Residual & Emerging Signals

Inherent Risk Heat Map

Pre-mitigation · Likelihood × Impact
Likelihood ↓ / Impact → 1
Negligible
2
Minor
3
Moderate
4
Major
5
Catastrophic

Residual Risk Heat Map

Post-mitigation · Likelihood × Impact based on residual score decomposition
Likelihood ↓ / Impact → 1
Negligible
2
Minor
3
Moderate
4
Major
5
Catastrophic

Emerging Signals Heat Map

Likelihood × Potential Impact of logged signals
Likelihood ↓ / Impact → 1
Negligible
2
Minor
3
Moderate
4
Major
5
Catastrophic
Legend: Critical (20–25) High (12–19) Moderate (6–11) Low (1–5)

Risk Intelligence Analysis

Advanced patterns, concentrations, and insights not visible in surface reporting

Risk Concentration by Domain

Inherent vs residual risk weight per domain — reveals where controls are underperforming relative to exposure

Mitigation Cost vs Risk Reduction

Cost efficiency: which domains deliver the best risk reduction per dollar invested

Risk Appetite Gap Analysis

Residual scores plotted against appetite threshold — visualises board risk tolerance breaches by domain

Control Effectiveness by Risk Severity

Are your strongest controls protecting your highest risks? This surfaces alignment or misalignment

Risk Ownership Distribution

Owner accountability concentration — identifies single points of failure in risk ownership

Risk Status Progression

Status breakdown across severity bands — shows where active management attention is concentrated

Key Intelligence Findings

No data to analyse yet. Add risks to the register to generate intelligence findings.

Scenario Modelling

Appetite synced
How This Model Works
Adjust the investment and programme parameters below to project how different risk management strategies affect your organisation's residual risk exposure. The model applies evidence-based reduction factors per parameter to your current risk register. Financial analysis integrates your organisation's balance sheet profile to express risk in monetary terms. Use the strategy comparison table to stress-test four defined risk treatment postures — from a minimal baseline to full organisational transformation.

Investment & Programme Parameters

Each parameter applies a calibrated risk-reduction multiplier to the current register. Adjust values to model different investment decisions.

Projected Outcomes

Strategy Comparison — Risk Score vs Cost

Each strategy bar shows projected residual risk score. The line shows programme cost (JMD $M). Lower bars with lower line = optimal risk investment.

Strategy Comparison Matrix Four treatment postures from baseline to full transformation
Strategy Description Cyber (JMD $M) Compliance Speed TPRM Proj. Score Reduction Total Cost ROI Financial Exp.

Scenario Interpretation

Action Tracker

Mitigation action log · manage, import & export

0 selected
Action ID Risk ID Action Description Owner Due Date Status Priority % Done Days Overdue Actions

Emerging Signals

Early-warning intelligence for pre-register threats

0 selected
Signal ID Description Source Category Detected Likelihood Impact Urgency Status Linked Risk Actions

Control Effectiveness

KCI blended scoring — Design & Operating effectiveness

Scoring Dimensions — What Each Percentage Measures

D1 — DesignHow well the control/mitigating action is designed to address the risk. Considers whether the control logically targets the root cause, is appropriately scoped, and follows best-practice design principles. A well-designed control has clear objectives, defined triggers, and an appropriate response mechanism. Score 100% if the design is fully fit-for-purpose with no gaps.
D2 — ImplementationHow effectively the control/mitigating action has been implemented in practice. Assesses whether the control has been formally rolled out, documented, communicated to responsible parties, and has the necessary resources and authority to function. A score of 100% means full deployment with no implementation gaps or missing prerequisites.
D3 — OperationHow consistently and reliably the control operates on an ongoing basis. Evaluates whether the control is being executed as designed — including frequency, timeliness, and adherence to procedures. A 100% score indicates the control fires every time it should, by the right person, in the right way, without exceptions or workarounds.
D4 — TimelinessHow promptly the mitigation was implemented relative to the risk identification and due dates. This score is auto-calculated when you enter an Identified Date, Mitigation Due Date, and Implemented Date in the Risk Register. The formula: 70–100% for on-time implementation (earlier scores higher), 10–70% for overdue implementation (scaled by delay severity). You may also enter this manually.
90–99% Adequate & Effective 70–89% Generally Effective 50–69% Partially Effective <50% Deficient
0 selected
Risk ID Description Domain Severity Owner Mitigation D1 Design % D2 Implement % D3 Operation % D4 Timeliness % Blended % Grade Actions

Data Import

Import risk registers from CSV or Excel — consolidate department submissions into one register

Import from CSV

Accepts CSV files exported from Risk Intelligence Command or formatted to the standard template. Drag Risk Officers' department exports here.

Drop CSV here or click to browse
Columns: Risk ID, Description, Root Cause, Domain, Likelihood, Impact, Score, Severity, Owner, Mitigation, Cost (JMD $M), Status, Residual Score, Review Date, Notes

Import from Excel (.xlsx)

Upload Excel workbooks containing a risk register sheet. The tool auto-detects column headers and maps data to the register.

Drop Excel file here or click to browse
.xlsx format · First sheet used · Headers auto-detected

Import Actions from Excel (.xlsx)

Upload an Excel workbook containing mitigation actions. Alternatively, use the Import button on the Action Tracker tab directly.

Drop Actions Excel file here or click to browse
.xlsx format · Columns auto-detected and mappable · Risk ID links actions to register

Workspace Snapshot — Export & Import

Export the complete current workspace (risks, actions, signals, control effectiveness, and configuration) as a JSON snapshot. Share with the Risk Officer or other RIC accounts to import and consolidate departmental data.

Export Current Workspace

Downloads a .json snapshot of all workspace data. The file can be sent to the Risk Officer for consolidation or stored as an audit trail.

Import Workspace Snapshot

Import a .json snapshot exported from another RIC account. Merge departmental data into the current workspace.

Drop .json snapshot or click to browse

Import History

No imports yet for this workspace.

Risk Intelligence Report