Your organization is divided into multiple entities, subsidiaries, regions etc., and deals with risks that only apply on specific regions or subsidiaries, such as of a certain legal form?
Use local risk management to support a bottom-up approach. It enables you register and assess risks only for the affected regions or subsidiaries. Beforehand, create an entity for each organizational or geographical unit.
1. Go to a process in your risk directory.
2. Click on it and add all entities that could be exposed to any risk(s) from that process, e.g. "Order to Cash" below.
Tip: All titles in bold are processes in a risk directory.
3. Click on "Add new risk". In the pop-up window on the right, in the "Scope" section, click on "Local risk" and select the entity that is exposed to that specific local risk.
4. Fill out other risks details and click on "OK".