Manage profile and risk dependencies using the GRC Workbench

The GRC Workbench utilizes CMBD information to show the upstream and downstream relationships across all applications. These relationships enable consistent risk mapping and modeling across the enterprise. The GRC Workbench does not work with Legacy GRC.

The GRC Manager [sn_grc.manager] uses the GRC Workbench to:
  • Create profile classes
  • Define the upstream/downstream relationships between profile classes. These relationships make up the dependency model and they help ensure that risks are defined and evaluated consistently across the enterprise.
  • Create profile types, create profiles, and classify profiles
  • Create relationships between profiles, which makes up the dependency map.
Note: The GRC Manager cannot view the GRC Workbench from Risk > GRC Workbench. The GRC Manager [sn_grc.manager] enters /$grc_workbench.do after their instance name in the url to access the GRC Workbench.
The Risk Manager [sn_risk.manager] uses the GRC Workbench to:
  • perform all the same tasks as the GRC Manager
  • Create Risk frameworks, risk statement,s and risks
  • define risk relationships

Model Setup Tab

The Model Setup tab contains links to perform the following tasks.

Link Action
Dependency Model Create profile classes and develop the organizational relationship model
Profile Types Create and edit profile types
Dependency Map Create and visualize profile relationships

Risk Dependencies tab

The Risk Dependencies tab contains links to perform the following tasks.

Link Action
Risk Frameworks Create and edit risk frameworks
Risk Statements Create and edit risk statements
Relationships Create and visualize risk relationships