This System Administrator’s Guide contains the information you need to implement a risk management structure, to supervise others in the use of the OpRiskControl software, and to carry out advanced operations on the database.
Any reference to Microsoft® Outlook may be considered a reference to other popular email systems such as Lotus Notes, GroupWise®, Microsoft® Outlook Express or Microsoft® Exchange Client.
In some risk management environments, users responsible for managing risk refer to hazards and controls rather than risks and actions. To clarify, we understand that risks relate to hazards, and those hazards or risks may be mitigated in some way. Mitigation may be in the form of an existing control or a new action.
So as not to make the database too complex, the schema has been simplified in that a risk source (e.g. risk event code) may be a hazard or a risk or a risk related to a hazard. Likewise an action in the database may be an existing control.
Purpose Of The Software
OpRiskControl simplifies the task of managing general operational risks. This software allows you to enter an unlimited number of risks by division (which may be renamed to client or campus, for example), department, function (for example sub-department), project, location, and asset (a tangible or intangible asset). With OpRiskControl you can quickly evaluate the most critical and expensive Risks, and then take Action to reduce the likelihood or consequence of an event.
Database And Application Backup
It is assumed that your I.T. Department will do a daily backup of your data in the SQL Server database.
Because OpRiskControl allows documents to be attached to Risks and Actions, and those documents are located in the Output sub-directory, it is also assumed that your I.T. Department will do a daily backup of the Output directory.
It is also assumed that your I.T. Department will do a weekly or monthly backup of the whole application directory to save your configured company logo, home page, licence keys and so on.