摘要 |
Assessing risks arising from relationships with third-parties that support the operations or strategic goals of an organization, such as a bank, are provided. A risk assessment system receives risk assessment values respectively corresponding to the likelihood, severity, and control for a risk item associated with a third-party relationship. The risk assessment system then determines a risk priority value for the risk item based on the risk assessment values. The risk assessment system may prioritize multiple risk items according to their respective risk priority values, risk categories, or both. In some arrangements, the risk assessment system may identify a risk item for additional risk mitigation and determine a risk mitigation action plan for the identified risk item. |