Traditional risk management takes a siloed approach allowing each department or business unit to manage its own risks and measure them in different ways. Some may use probability distributions, most will use risk matrices – often of different dimensions and scales making them incompatible.
The result is that executives commonly worry that they have a very poor overview of the risks facing the organisation that they are charged with running, greatly limiting their decision-making abilities. Enterprise risk management standards like COSO and ISO31000 emphasise that a risk management system should:
Each one of these goals can only be achieved if one has a consistent, quantitative evaluation system for risk across the different roles and responsibilities within the organisation. A quantitative risk management system allows one to sum and compare risks:
Pelican IRM is a fully quantitative integrated risk management system providing all these benefits with built-in modules to minimise the need for any knowledge of probability and mathematics.
Gillian
Gillian uses Pelican dashboards to verify that the business focuses on the risks that most threaten the corporate objectives
Tom
Tom uses Pelican to keep the financial exposure within tolerance and retaining sufficient capital reserves
Tina
Dashboards show Tina if the business will stay within targets for performance metric like production, availability and emissions
David
David uses a FAIR-style analysis in Pelican to ensure that resources are used most effectively for managing cyber risk
Dan
Dan finds investment opportunities that collectively optimize the profitability within agreed risk tolerance limits
Jane
Jane needs her audit team to check on the risk reduction measures the company most depends on for its success
Matt
Pelican helps Matt maintain a consistent approach to risk evaluation and reporting throughout the business
Mary
Mary uses Pelican to ensure the business maintains its excellent safety record by avoiding dangerous activities
Victor
Pelican helps Victor ensure that project critical to the business are delivered on time and within budget
The following prices are indicative, based on the number of Pelican users we typically see for different company sizes. Organisations with a larger than usual fraction of employees involved in manual labour, lower regulatory restrictions or operating in a low risk environment will have fewer Pelican users relative to its size, and vice versa. The actual cost will depend on the number of registered users, technical aspects associated with installation, and any customized configurations. Training and consulting are available and priced separately. Please contact us for a precise quote.
The Pelican IRM system requires that the Pelican Risk Register is already installed. Indicative prices for the Pelican Risk Register are provided here.
Pelican allows a business to focus on the risks that are truly important, and to assign responsibility of specific risk management activities to individuals.
Pelican provides the facilities to ensure that anyone in the company can contribute to risk management, being able to demonstrate the level of risk the business faces.
The Pelican integrated risk management software ensures that risks are evaluated in a consistent framework, yet still retains the ability to review risks within the scale of each business unit or project.
Pelican stores all information, current and past, providing an audit trail of the risk and risk evaluation management processes.
Each manager, from the CEO right down through the management structure of the enterprise, fully understands the risks (and opportunities) that can impact the part of the business for which they are responsible.
The evaluation of these risks is based on a methodology that is consistent throughout the enterprise and allows the portfolio of risks to be aggregated up through the entity structure of the enterprise.
The control and mitigation strategies for these risks are coordinated across the enterprise and seek to protect and enhance the value of the enterprise, not just one element of the business..
The responsibility for executing the risk management plan is shared appropriately amongst the employees of the enterprise. In essence, employees work as a team. Risk (and opportunity) identification, assessment, management and communication is a shared responsibility and an integral part of the enterprise’s culture.