In general, risk management is understood to include the identification, assessment, and/or prioritization of risks to an entity such as a business, as well as the application of resources to address, monitor and/or control the probability or impact of events resulting from those risks. Businesses may face various risks that affect their short term (e.g., day-to-day) or long term objectives, operations, assets and strategies. For businesses with multiple divisions and/or a disperse management hierarchy, the ability to respond to and address risks may be a complex endeavor hindered by limited access to data about risks, as well as slow or incomplete communication of risk information to different parties within the hierarchy and across divisions within the business.
As an example, a business may include multiple different divisions, such as a division devoted to selling and providing insurance coverage, a division devoted to banking and financial services, a division devoted to addressing legal and regulatory issues, a division devoted to accounting, and a division devoted to operational and human resource management issues, among others. According to a typical management hierarchy, each division includes one or more management personnel responsible for addressing risks pertaining to their particular division, with an executive level of management responsible for overseeing the operation and strategy of the business as a whole. In certain cases, risks identified within one particular division, but applicable to other divisions of the business, are not communicated to the other divisions predisposed to the risk. Alternatively, the risks may be communicated too late for preemptive actions to be taken, where such actions can mitigate or adjust for the risk. In some cases, risk information is not communicated across business divisions or to other personnel in a timely manner due to a failure to identify those responsible for addressing the risk. As a result of these and other limitations, businesses may be exposed to unbalanced and unacceptable levels of risk.