The Second Line of Defence Launchpad within the Protecht.ERM system is an effective and interactive visualisation designed specifically for the Line 2 Risk and Compliance Management teams to use in their role of reviewing and challenging Line 1, together with independent reporting and escalation. Read on to find out more.

Why a Launchpad?

A Launchpad can be configured as the first screen a user sees when they log into Protecht.ERM. This ensures that users first see the most important and relevant information to carry out their responsibilities.

2nd line of defence_blog_castle moat image

Three Lines of Defence Model

Regardless of the organisation’s size and complexity, implementation of the three lines of defence should be the first principle of an effective risk management framework. At each line of defence there needs to be risk governance to support and provide oversight to the risk management framework.” Read complimentary article: Risk Governance and the three lines of defence.

Three Lines of Defence Model - Image Protecht

Figure 1: Three Lines of Defence Model

The Second Line of Defence

The second line of defence is an organisation’s Risk and Compliance Management function(s) that provide independent review and challenge  of the risk, compliance and decision making management activities of the first line of defence. The Second Line of Defence Launchpad has been designed to support the Risk and Compliance Management teams with quick access to relevant information required by the second line.

lod2

Figure 2: The second line of Defence Launchpad

The Second Line of Defence Launchpad includes the essential components for the Second Line of Defence model including Risks, KRIs, Compliance and Actions, allowing a Risk Manager to quickly ascertain the current status of relevant risk information in the organisation.

Risks

The Risk row includes only a Residual Matrix to save real estate with the Inherent details being available in the details table. The matrix can be clicked to filter the details in the table, which now includes risk trends where historical models are applied. Read the article on Historical Models. This is extremely valuable for a Risk Manager who wants to see the changes in risk over time.

Residual Risk assessment Screenshot1

KRIs

Important KRI data, including slipped and overdue items, is highlighted using bubbles that are easy to view and provide a way to filter the KRI details table. Once filtered, the user can review the details and click directly to the KRI in the register, or alternatively use the links to review KRI analytics to support business decision making.

Key risk indicators Screenshot 1

Compliance

In a similar way to KRI's, the Compliance information provides easy to read metrics that provide important summary data, whilst also filtering the details table.

Compliance screenshot1

Actions

Overdue Action details are highlighted in red to clearly differentiate them from other actions. 

KRI Actions Screenshot1

Filtering for relevance

The first filter in the heading allows the user to switch between “All” and “My items”, which is respectively everything the user has permission to see versus the items assigned to the user directly. This makes it easy for the user to quickly alternate between these filters without having to move to a different report.

The tree filter on the top right allows a Risk Manager to filter for specific Business Units. This will assist in determining any areas or interest that need investigation.

Usability (UX/UI) and Design

The launchpad is designed with UX (user experience) in mind so that each component has its own row that flow logically from top to bottom. Each row reads left to right starting with a component summary, detail and then links to related registers and analytics where further details can be found. All non-required marks and lines have been removed to increase the Data-Ink ratio, which makes the Launchpad simpler and easier to understand. Individual branding can be applied based on specific client requirements.

Use Cases

Specific examples of when this Launchpad would be used include:

  • The Risk Manager opens ERM and immediately sees Residual Risk Assessment Matrix and selects one of the high-risk areas. The risk details are highlighted with a trend showing an increase in residual risk. The Risk manager clicks through for the details in the Risk Details report and reviews the linked controls and finds an anomaly. This allows the risk manager to take action to address the control before an incident can happen.

  • The Compliance Manager opens Protecht.ERM and sees that a key obligation is now non-compliant. Drilling down he sees that the non-compliance is due to related control attestations with ‘No’ responses but without any remediation actions. The Compliance Manager is able to create actions, assign them to appropriate staff with due dates, and monitor and track the status of the actions from within the Launchpad.

This Launchpad is a must for any organisation looking for best practice ways at managing their risk and compliance using the Three Lines of Defence. The simple design minimises unwanted noise whilst highlighting essential information for Risk and Compliance functions.

What's next?

This Launchpad is a must for any organisation looking for best practice ways at managing their risk and compliance using the Three Lines of Defence. The simple design minimises unwanted noise whilst highlighting essential information for Risk and Compliance functions.

If you think this launchpad could help your organisation, please click the banner below to talk to one of our consultants.

Book a meeting with our consultants

ASIC Report Whitepaper: A Regulatory Spotlight on Non-Financial Risk
Whitepaper

A Regulatory Spotlight on Non-Financial Risk

Download Now

Related Articles

feature image
Compliance Management Protecht News & Events Risk Management Risk Reporting Videos Compliance Professionals

Modern Slavery - Being Prepared

Do you know what the Modern Slavery Act is and how it will impact your business? We had the opportunity to have Associate Professor Justine Nolan...
Read more
feature image
Risk Analytics ERM Risk Management Software Videos

Risk Taxonomies - Webinar Recording

Designing and deploying first rate risk and control taxonomies  This webinar was done live on 16th May 2019.  What you will learn in this webinar:  ...
Read more
feature image
Enterprise Risk Management Risk Analytics ERM Risk Management Software Videos

Webinar Recording - Understanding RiskInMotion

How to bring all your risk information into one dashboard Have you ever been told that your risk reporting is static, backward-looking or too...
Read more