Organizations always have internal and external factors that can pose risks to the achievement of their objectives. Risk management is concerned with identifying those risks and with defining and managing controls and policies to address the risks that affect valuable assets. Risk management can be applied to an entire organization, a specific department or area, or just to a specific function, project or activity. That diversity of possible contexts can clash with a "silos issue", where narrowly focused, functionally driven, and disjointed risk management concerns have to be considered along with global and consolidated concerns. In those scenarios, fragmented views of risks, requiring different languages, parameterizations, and metrics, can lead to highly complex, purpose-built solutions that turn out to be hard to consolidate and reuse. HoliRisk is a flexible framework to support risk assessment in heterogeneous contexts! It was inspired by ISO-31000, but its use cases and core data model were designed on top of a metamodel that allows it to be specialized for any required risk management scenario.

  • Holistic
      • Support for multiple risk assessment methods, terminological domains, contexts, metrics, etc.
      • Consolidation of information supported by a uniform metamodel
  • Specialized views
      • Possible definition of risk views (for both data input and output reports) according to the stakeholders' concerns
      • E.g., a risk operator might only use the risk repository view, while a CEO might only be interested in the risk reporter view
  • Report and Analysis
      • Powerful support for risk evaluation, decision-making and risk communication (multiple views and reporting techniques: risk matrixes, policy impact estimations, etc.)