Dashboard Reports

Following are the types of Dashboards:

1. Executive Dashboard
2. Business Environment Scorecard
3. Change Initiatives
4. Compliance and Obligations
5. Incidents Management
6. Information Library
7. Insurance
8. Issues and Actions
9. Key Indicators
10. Planning and Scoping
11. Process
12. Risks and Controls
13. Scenarios
14. Business Continuity Plan Assessment
15. Audit

1. Executive Dashboard
An executive dashboard is a set of reports for various entities that allows the senior/top
management to have a glimpse of the different statuses and spread of risk and the Risk Profile
across the organization.
It can be filtered based on the following options:
 Business Line
 Location
 Product
 Process
 Risk Event Type
 Risk Category
This dashboard displays the following reports:
1. Global Risk Analysis
2. Global Control Analysis
3. Incidents by Time Series
4. Incidents by Business Line
5. Risks by Risk Category
6. Top Risks
7. Global Key Indicators versus Enterprise Key Indicators
 2. Business Environment Scorecard
Business Environment refers to a set of conditions that affect the functioning of an organization. It may
include economical, social, legal, or institutional factors. In order to ensure smooth runni ng of a
business, these factors should be assessed on a periodic basis. The observations can help an
organization to control the factors in an adequate manner achieving better productivity.

The Oracle Financial Services Operational Risk Business Environment Scorecard (BES) assists
organizations in determining the impact of various environmental factors on the business. Using this
module, you can capture important environmental factors affecting the business for a business line and
location and rate the influence of these parameters on business. The organization can take necessary
steps to control the factors based on the ratings which results in better performance.

This dashboard displays the following reports:

1. Business Environment Scorecard

2. BES Trends
3. BES Risk Assessment Summary
4. Control Assessment Summary
5. Incident Net loss Trend

3. Change Initiatives
The Change Management module in OFSOR/GCM enables user to create a change initiative, monitor the
risks and controls associated with the change initiative, update the progress of the initiative, perform
regular assessments and track the initiative to completion, and ensure a review process for the Change
based on the Risks envisioned post Implementation.

This dashboard displays the following reports:

1. Change Initiatives By Business Line

2. Change Initiatives By Location
3. Change Initiatives by Type
4. Change Initiatives by Materiality
5. Status of Change Initiatives
6. Change Initiatives which Exceed the Estimated Costs
7. Change Initiatives Having Impact on Multiple BU
Following reports are additional reports:
1. Delivery Risks Associated with Change Initiatives
2. Critical Processes Impacted by Change Initiatives
3. Change Initiatives Requiring Review
4. Change Initiatives Details
 4. Compliance and Obligations
Compliance is conforming to a rule, such as a specification, policy, standard or law. Regulatory
compliance describes the goal that financial institutions or the banks aspire to achieve in their efforts to
ensure that personnel are aware of and take steps to comply with relevant laws and regulations. The
Compliance module helps banks or financial organizations to capture regulations or policies and
associated obligations and make sure the regulations or policies which effect the functioning of the
organization have been complied with.

An obligation is a course of action that an entity is required to take, whether legal or moral. It is the
responsibility of the Financial Institution to comply with the regulations or Policies (set for itself). To
comply with Regulations or Policies, Financial Institution set few obligations or activities which fulfill the
objectives of Regulations or Policies requirements. Compliance module allows you to view and assess
obligation that are localized to the specific business units. The compliance and obligations dashboard
displays the following tabs:

1. Summary: This tab gives a summary of all the reports.

The Summary tab displays the following reports:
a) Regulation and Obligations by Business Line
b) Regulation and Obligations by Location
c) Regulation/Policy Assessments by Business Line
d) Obligation Assessments by Business Line
e) Obligation Risk Heat Map
2. Regulations/Policy: This tab allows you to analyze the regulation which displays
reports which is specific to the Regulation like Regulation Details, Non-Compliant
Obligations Associated With High Risks, Regulations and Change Management, and
so on.
This tab displays the following reports:
a) Regulation/Policy Assessments
b) Compliance Incidents
Following reports are additional reports:
a) Regulation Details
b) Policy Details
3. Obligations: This tab allows you to analyze the Obligations by displaying the
obligation for various parameters.
This tab displays the following reports:
a) Obligation Assessments
b) Obligations by Risk Event Types
Following reports are additional reports:
a) Obligation Details
 5. Incidents Management
Incidents may include errors in internal processes, controls and projects, caused by technological,
organizational orexternal factors. Business losses occur in day-to-day operations due to various
Incidents. For example, a server crash is an Incident which causes a disruption in the business process.
These Incidents can be captured in a system to identify the loss-causing events and plan for loss
recovery. The Incidents component of OFSOR allows a financial institution to capture and monitor
various Incidents that cause operational risk.
This module allows guest users to report Incidents without revealing personnel identity, thus following
the whistle blower policy. Incident management helps an organization to analyze the events at different
levels and take necessary steps to prevent loss-causing events in the future.

The Incidents Dashboard displays the following reports:

1. Incidents by Different Time Intervals
2. Incidents by Group
3. Incidents by Business Line
4. Largest Losses
5. Losses Impacting Multiple Business Units
6. Compliance Incidents
7. Risks Associated With Losses
8. Controls Associated With Losses
9. Incidents with their Action Plans
Following reports are additional reports:
1. Confidential Incidents by Different Time Intervals
2. Legal Incidents by Different Time Intervals
3. Incidents with Risks Having No Controls
4. Incidents with No Risks
5. Losses with No Insurance Cover
6. Incidents with Insurance Cover
7. Near Miss Incidents
8. Incidents by Primary Cause
9. Losses by Business Line/Risk Event Type
10. Loss Events - Not Approved
11. Losses by Impact
12. Losses by Incident Type
13. Incidents by Change Management
14. Overdue Issues for Incidents By Business Line
15. Overdue Actions for Incidents By Business Line
16. Issues Exceeding Estimated Cost for Business Line
17. Actions Exceeding Estimated Cost for Incidents By Business Line
18. Incidents by Status
19. Incident Details
 6. Information Library
The Information library in Oracle Financial Services Operational Risk acts as a repository of information
which helps an organization to manage their information assets. They help in analyzing and planning
further actions. There are various types of information libraries, such as financial models, regulatory
bodies, and so on. For example, any changes in the government regulations that are to be followed by
an organization can be captured in the regulatory bodies information library. Similarly, any changes or
modifications to any of the available libraries can be tracked and managed in appropriate information
libraries. You can link an information library with other components such as risks, controls, and so on.

This dashboard displays the reports based on the information library data available in the application.
The Information library Dashboard displays the following reports:
1. Information Libraries by Type
2. Associated Risks
3. Associated Controls
4. Associated Scenarios
The following report is an additional report:
1. Information Libraries Detail

7. Insurance
An Insurance Policy and basic risk mitigation forms an integral part of any financial organization.
Organizations have numerous insurance policies to cover risks and future losses which may arise from
such risks. The Oracle Financial Services Operational Risk Insurance module helps to capture t he
different types of policies such as Fidelity Guarantee Insurance, Third Party Liability, and so on and
stores them in a central repository called the Insurance Policy Library. Insurance Policy module details
name, validity, premium amount, cover amount, reminder date, and so on. Insurance Policy can be
linked to incidents which arise during the operations of an organization or risks already identified in the
organization. The Insurance module helps to monitor policies and generate further insights based on
historical data stored in the central repository. It helps to close and renew the policies on time.
The Insurance Dashboard displays the following reports.
1. Insurance Policies by Business Line
2. Insurance Policies By Location
3. Insurance Policies By Risk Event Type
4. Insurance Policies Due for Renewal
5. Insurance Policies vs. Claims
Following reports are additional reports
1. Insurance Policy Coverage by Risks
2. Insurance Policy Coverage by Scenarios
3. List of Insurance Policies
 8. Issues and Actions
The Issues and Actions module is an integral part of the OFSOR/GCM solution. An issue is a problem
statement and actions are plans or activities taken up to resolve those issues. Organizations may need to
identify and track issues whenever there is an alarming situation, such as when an incident is reported,
Key Indicators (KIs) are breached, risk is assessed as high, control is assessed as ineffective, regulation is
breached and so on. Issues can be created either from the Issues and Actions module or from other
modules in OFSOR such as RCSA, Incident Management, Key Indicators a nd so on, whenever the
parameters are alarming and require issue creation. Action plans aim at estimating the cost involved in
addressing issues. If the cost of taking up the action is more than the risk involved in the issue, an
organization can choose to close the issues without any actions. Actions can also be directly created
from different modules of OFSOR. Subsequently, the application automatically creates a system
generated issue for that particular source and internally maps the created actions to the auto-created
issue.
The Issues and Actions Dashboard displays the following Tabs:
A. Issues:
The Issues Tab displays the following reports:
1. Issues across Business Line
2. Issues across Location
3. Overdue Issues by Business Line
4. Issues by Criticality
5. Issues by Priority
6. Issues across Issue Source
7. Issues across Risk Event Type
8. Issues across Issue Category
9. Issues across Risk Categories
10. Issues across Products
11. Aging of Issues
The following report is an additional report
1. Issue Details
B. Actions:
This tab displays the following reports:
1. Actions across Business Lines
2. Actions across Location
3. Overdue Actions By Business Line
4. Actions by Priority
5. Actions by Source
6. Actions by Risk Event Type
7. Ageing of Actions
Following report is an additional report:
1. Action Plan Details
 9. Key Indicators
The Key Indicator Component gives the flexibility to capture Key Indicators which can either be Risk
Indicators, Control Indicators, Performance Indicators or BEICF Indicators. Key Indicators are metrics,
often financial, which provide insight into a bank's or organization's risk position. These indicators are
reviewed on a periodic basis to alert banks to changes that may be indicative of risk concerns. Such
indicators may include the number of unsuccessful and failed trades, staff turnover rates and the
frequency or severity of errors and omissions.
OFSOR Key Indicators module provides an early-warning system to identify potential costly operational
hazards including fraud, legal, and technology risks. The use of Key Indicators is one of the BIS (Bank of
International Settlements) recommendations for sound Operational Risk Management, and thus an
essential component of Basel II and Sarbanes-Oxley laws.

This dashboard displays the reports based on the Key Indicators data available in the application.
The KI Dashboard displays the following Tabs:
A. Key Indicator Details
This tab displays the following reports:
1. Key Indicators by Business Line
2. Key Indicators by Location
3. Key Indicators By Risk Inventory
4. Key Indicators by Risk Event Type
5. Key Indicators by Source
6. Key Indicators by Nature
Following reports are additional reports:
1. Key Indicators by Frequency Key Indicators By Type
2. Key Indicators in Development
3. Overdue Actions for Key Indicators by Business Line
4. Actions Exceeding Estimated Cost for Key Indicator by Business Line
5. Overdue Issues for Key Indicator by Business Line
6. Issues Exceeding Estimated Cost for Key Indicator
7. KI Details
B. Associated Entities
This tab displays the following reports:
1. Key Indicator High Risks and Total Losses
2. Key Indicators Associated with Incidents
3. Key Indicators and Risks
4. Key Indicators and Controls
5. Key Indicators Associated with Scenarios
Following report is an additional report:
1. KI Metrics
 10. Planning and Scoping
Organizations must periodically assess their risks and controls to measure the impact on the
organization. In addition, some regulators require the officers of the firm to attest the organizations
processes and controls. The assessment plans risk and control, and attestation plans for process and
controls should be created to facilitate assessments and attestations by group managers.
The Planning and Scoping function allows organizations to have a standard methodology, which reduces
the burden of creating similar Assessment Plans for multiple entities and also creates a forward
schedule of assessing risks and controls. It allows the user to set up plans for risk and control assessment
scope for a particular entity. This also simplifies tracking assessments, attestation, and certifications. The
user sets the periodicity of the assessment, (for example, weekly, monthly, quarterly, semi-annually, and
yearly). The periodicity of assessment may be set on a random basis.
This dashboard displays the reports based on the Planning and Scoping data available in the application.
The Planning and Scoping dashboard displays the following reports:
1. Entities by Plan Purpose
2. Type of Plans based on Frequency
3. Plans Summary Status
4. Assessment Plan Summary
5. Entities with No Assessment Plans
6. Entities with No Attestation Plans
7. Plan Details

11. Process
Processes are the procedures, programs, and practices that impose order on the bank's pursuit of its
objectives. Processes are one of the main causes of operational risk that are closely monitored by the
management. These Processes may differ from one financial institution to other but they are closely
monitored to identify risks and suitable controls to mitigate the evolved risks.
OFSOR application provides a complete solution for Processes related activities. It allows to set up a
library of Processes associates with different business lines and locations. This attests and assesses
Processes and also generates Processes reports. In financial institutions, broader business objectives are
achieved through a set of Processes or a series of actions. These Process(s) expose banks to different
types of risks. Risk identification and categorization of the risk is a pre-requisite for close monitoring of
the risk and for arriving at an appropriate control measure.

The Process Dashboard displays the following reports:

1. Critical Processes
2. Attestation Processes
3. Process with High Assessment Rating
4. Process Metrics
5. Process Risk Heat Map
6. Process Control Heat Map
7. Losses Associated with Processes
 8. Processes Associated with Scenarios
9. Process Assertions
10. The following reports are additional reports:
11. Overdue Actions for Processes by Business Line
12. Actions Exceeding Estimated Cost for Processes by Business Line
13. Overdue Issues for Processes by Business Line
14. Issues Exceeding Estimated Cost for Processes
15. Process Tree
16. Process Details

12. Risks and Controls

Risks are negative occurrences that may adversely affect the business of an organization. It is important
for an organization to identify potential risks, assess their effects, and find control measures to mitigate
them. A Control is a measure taken to mitigate a risk. The Controls identified locally can be captured at a
Business Line and Location and can be linked to a Library Control. Every organization tries to take control
measures to avoid the risks which may otherwise hamper the business.
The Risks and Control Dashboard displays the following tabs:
A. Risk Summary: consists of risk profile that displays the risk and control
assessments and also includes some important risk related reports for the
business unit.
This tab displays the following reports:
1. Inherent Risk Assessment
2. Overall Control Effectiveness
3. Residual Risk Assessment
4. Inherent Risk Across Business Lines
5. Controls Across Business Line
6. Residual Risk Across Business Lines
7. Residual Risk Assessment Heat Map
Following are the additional reports:
1. Risk Threshold
2. Top Risks
3. Top Reputational Risks

B. Risks: Displays risk reports based on different dimensions.

This tab displays the following reports:
1. Risks By Risk Inventory
2. Risks By Risk Event Type
3. Risks By Risk Category
4. Risk By Product
5. Risks by Causes
 6. Risk by Process
7. Residual Risk Assessment
8. Non Financial Impact Assessment
9. Risk Not Assessed
10. Risks without Controls
Following reports are additional reports:
1. Top Reputational Risks
2. Reputational Risk Across Business Line
3. Risks With Single Control
4. Risks with Open Issues
5. Overdue Issues for Risks by Business Line
6. Issues Exceeding estimated cost for Risk by Business Line
7. Overdue Actions for Risks by Business Line
8. Actions Exceeding Estimated cost for Risk by Business Line
9. Risk Metrics
10. Risk Details
C. Controls: Displays control reports based on different dimensions.
This tab displays the following reports:
1. Overall Control Effectiveness
2. Control DE /OE Assessment
3. Controls Across Business Lines
4. Key Controls across Business Lines
5. Controls by Control Category
6. Control By Nature
7. SOX Controls
8. Controls By Cost
9. Controls Not Assessed
Following reports are additional reports:
1. Test Plans for Controls
2. Control Metrics
3. Overdue Issues for Controls by Business Line
4. Issues Exceeding estimated cost for Controls by Business Line
5. Overdue Actions for Controls by Business Line
6. Actions Exceeding estimated cost for Controls by Business Line
7. Control Details
D. Impacted Entities: Displays reports that show association of risks and controls
with other entities.
This tab displays the following reports:
1. Risks Associated with Incidents
2. Risks Associated with KI
3. Risks Associated with Change Initiatives
4. Compliance Risk
 5. Controls Associated with Incidents
6. Controls Associated with Obligations

13. Scenarios
A scenario is defined as an outline, description, or model of a sequence of unexpected or adverse
events. Scenarios vary according to the level of the organization at which they are researched and
focused, but are generally made up of similar components. The scenarios are described using event
types and may also include causal analysis, along with expected direct and indirect impacts. Internal
data can be used to develop the body of the loss distribution and data generated from scenario analysis
can be used to fill any gaps in this data. The input from scenario analysis aids the institution in
dentifying the level and trend of operational risk, determining the effectiveness of risk management and
control efforts, highlighting opportunities to mitigate operational risk, and assessing operational risk on
a forward-looking basis. Many financial organizations use scenario analysis in place of traditional
forecasting and planning to evaluate the impact and likelihood of extreme but plausible risk events.
Defining which scenario applies to an organization involves identifying and recording the scenario,
providing a description of the background, circumstances, and the methodology or approach followed.

The Scenarios Dashboard displays the following reports:

1. Financial Impacts by Business Line
2. Non Financial Impact By Business Line
3. Scenarios By Risk Inventory
4. Scenarios by Risk Event Types
5. Scenarios by Risk Category
6. Scenarios Not Assessed
7. Scenario Metrics
8. Scenarios Associated with Risks
9. Scenarios Associated with Incidents
Following reports are additional reports:
1. Scenarios By Product
2. Scenarios by Processes
3. Obligations Associated with Scenarios
4. Overdue Issues for Scenarios by Business Line
5. Issues Exceeding Estimated Cost for Scenarios
6. Overdue Actions for Scenarios by Business Line
7. Actions Exceeding Estimated Cost for Scenarios by Business Line
8. Scenario Details

14. Business Continuity Plan Assessment

The Business Continuity Management (BCM) helps in addressing business continuity risks of an
organization. In addition to business continuity risk assessment, BCM also facilitates on how to manage
a major disruption met by a business caused by a loss of premises, loss of a key IT system, and loss of
people or other services. Once the critical dependencies are identified, an organization can determine
the impact of thelosses and plan their recovery from those situations.

The BCP dashboards displays the following reports:

1. Business Continuity Plans by Business Lines
2. Business Continuity Plans by Locations
3. Business Continuity Plans by Risk Event Type
4. Business Continuity Plans by Risk Inventory
5. Business Continuity Plans by Processes
6. Business Continuity Plan Summary
7. Business Continuity Plan Assessment
8. Business Recovery Plan Assessment
9. Dependency Details
10. Recovery Details
11. Business Continuity Plan Details
12. BCP with Scenario and Incidents

15. Audit
The Oracle Financial Services Operational Risk Audit module allows banks and financial institutions to
plan, schedule, conduct audits and conduct audit assessments. You can us e the Audit module to create
centralized audit plans, create audit tasks, schedule audit tasks to different KBDs, schedule auditors
based on availability, conduct audit assessments and capture the audit findings and rating, and perform
advanced reporting through OBIEE.
The audit dashboard displays the following reports:
1. Audit Tasks by Rating
2. Audit Plan Details
3. Audit Task Details
4. Audit by Business Line & Location
5. Audit by Components
6. On Going Tasks
7. Overdue Tasks
8. Audit Plans by Audit Types
9. Audit Plans by Priority
10. Audit Issues by Line of Business
11. Audit Issues by Location
Embedded Reports
1. Audit Plans and Tasks
2. Overdue Audits