Move beyond a basic risk register. RiskReg's ERM features align with the COSO 2017 framework, giving your organization the tools for structured, board-level risk governance.
Each ERM feature can be enabled independently per tenant, so you adopt only what your organization needs. All features build on the core risk register described in How It Works.
Define a custom taxonomy (Strategic, Operational, Financial, Compliance, etc.) with colors and sort order. Every risk is assigned to a category, enabling grouped analysis and category-level appetite thresholds.
Link risks to your organization's strategic objectives. See at a glance which goals are most threatened and where controls need strengthening.
Track how risk scores change over time with automatic snapshots. Velocity scoring (1-5) captures how quickly a risk materializes once triggered, from years down to hours.
Define quantitative KRIs per risk with target, threshold, and breach values. Record measurements over time and get automatic RAG status (Green, Amber, Red) based on where actuals fall relative to thresholds.
Aggregate risks by category, objective, or process. See total risk count, average and max scores, high risk counts, and percentage in control per group. One view for enterprise-wide risk posture.
Executive-level view with a 5x5 residual risk heatmap, key numbers (total, high, within/above appetite), control health, review activity, and a composite RAG status. Built for board reporting.
A separate register for risks that haven't materialized yet. Monitor, escalate to the formal risk register, or dismiss. Track source, probability, and potential impact for early warning signals.
Map relationships between risks: causes, amplifies, mitigates, or correlates with. Identify cascading failures and interdependencies across your risk landscape.
Classify controls as 1st Line (Management), 2nd Line (Risk/Compliance), or 3rd Line (Internal Audit). Filter and report on control effectiveness by defense line.
Self-assessment against the 20 COSO 2017 ERM principles across five components: Governance & Culture, Strategy & Objective-Setting, Performance, Review & Revision, and Information & Reporting. Score each principle 1-5 and track progress over time.
ERM features are enabled per tenant as part of your subscription plan. Each feature can be turned on independently, so you only pay for what you use. Your tenant admin can see which features are active in the Admin portal under Plan Usage.
Contact Us for ERM Access mail