Main Page

From RiskWiki

Jump to: navigation, search

The BPC RiskWiki



Quick Index

Introduction to the RiskWiki

This wiki is sponsored by Bishop Phillips Consulting ( for the education, use and enjoyment of our clients, educators, the public and professionals involved in management consulting and risk advisory, compliance, internal audit, insurance claims management, safety, governance and risk analysis industries. It provides reference articles on management, risk and risk related functions including: Risk Management, Internal Audit, Governance, Compliance, and Process Reengineering, etc.

The RiskWiki is based on the articles, methods, manuals and papers of primarily three firms: Bishop Phillips Consulting P/L, Stanton Consulting Partners and Bishop Finance P/L. These firms are contributing a large body of work amassed over many years experience with hundreds of clients. The project to convert and upload much of our BPC software help & manuals, extended body of consulting, risk and internal audit methods and models, and education and research materials is a large and time consuming project so the RiskWiki content changes frequently and will do so for the foreseeable future.

With the exception of all software documentation, and those additional documents marked otherwise, all written material on this site may be used freely by readers for any purpose including reproduction, subject only to the retention of moral rights by the authors. Some articles may include images for which additional permission may be reuired prior to reproduction. Software documentation may be duplicated in hard-copy for internal use by registered users of the systems with current maintenance agreements. Other uses of software systems documentation will be considered on written request.

Things to See in The RiskWiki

BPC RiskManager

  • Are you looking for BPC RiskManager Documentation or to learn more about the software?
link=BPC RiskManager Software Suite
Bishop Phillips supplies the BPC RiskManagement suite of governance software that provides a complete governance solution across risk management, controls management, compliance management, insurance management, claims management, incident & hazard management, audit risk management, governance document management and survey generation and management. The system can be installed in configurations ranging from single-user to very large scale enterprise configurations.

The system is particularly suited to managing and reporting on the risk and compliance management tasks of government agencies, whole of government, special project, not-for-profits, insurance providers, service industries, utilities, and tertiary education sectors. You will find an extensive body of information covering technical, administration and user level tasks here.

If you have questions they may be answered in our frequently asked questions.

Frequently asked Questions About BPC RiskManger

How do I get custom features added, or request new features for BPC RiskManager?

Can I Request New Features & What Does It Cost?

Yes - you can and are encouraged to request enhancements. We don't guarantee to embrace every suggestion, but we will certianly consider it. If you are happy to leave the decision to us to schedule them and slot them into the existing enhancements schedule, they will be included as part of your annual maintenance subscription. I.e. - No additional charge.

What if I need the feature quickly, or I don't agree with your decision?

If you need enhancements faster, or want to be sure they are included you can contract the development directly.

The only condition attached to contracted enhancements is that we reserve the exclusive right to decide to include the enhancement in the general code base that all clients enjoy. To date, 100% of contracted code enhancements have been included in the common code base. This is to your advantage as it ensures your application is not orphaned from the development stream.

See also: ..→Read More..

Featured Article...

RIAM:Overview: The Assertion Linked Systems Based Audit (ALSBA)



The keys to the method are structure and focus. With RIAM, Internal Audit applies a Systems and Assertion Based approach to answer targetted 'questions' about an audit area. Questions focus the review, while assertions define the criterion for the answer.

Many systems based approaches merely measure the compliance of an organisation's staff with a particular system. The ALSBA method is a substantial enhancement to this commonly used approach. The RIAM auditor analyses compliance of the system process with a strategic and/or tactical purpose, compliance of practice with procedure and the awareness and readiness presented by potential (risks and opportunities) in the system itself.

The avoidance of checklists makes the auditor adaptable by permanently adopting a 'learning' posture. More importantly, the process is universal in that the same logic structure can be applied from the strategic level through to transactional compliance level, and from 'hard' financial processes to 'soft' subjective process.

Very large organisations present some particular challenges for the systems based audit, including coordination of teams across multiple jurisdictions, locations and organisation units. Here we present an overview to the technical aspects of the RIAM SBA, in Conduct of the Very Large Audit we explore the method in detail in both the large audit and small audit context.

What Are Assertions?

The figure on the preceding diagramme summarises the Assertion Linked Systems Based Audit analytic structure. The process starts with the five areas of Internal Audit's "Scope of work" within which Assertions are defined. Support for the selected Assertions is classified into management's 10 Control Classes (areas for management action). The systems built by management to support the Assertions within the Control Classes will have identifiable "Control Attributes" identical to those used in our Control Implementation Service, and are classifiable according to the "Type" - preventive, detective or corrective.

The concept of Assertions is the core of a RIAM Systems Based Audit. Assertions are truths that we wish to express about a system. They formulated as statements of "fact" about a system. Examples of typical Compliance Assertions for financial aspects of a Grants Scheme might be:


a. Grant expenditure is bona fide (ie that acquittals are for actual grants and for services appropriate to grant activity);

b. Grant data reported/processed is:

  • Attributed to the proper period,
  • Accurately calculated,
  • Correctly and appropriately accumulated,
  • Accurately recorded,
  • Correctly disclosed,
  • Properly authorised with respect to transactions (ie grantee approved costs and the Commission is satisfied that the amount is for an appropriate expense),
  • Providing benefits to which grantees are eligible,

c. The relevant management directions and legislation are observed:

  • Payments are in accordance with legislation, and
  • Approvals for grants are in accordance with the legislation (ie properly vetted by the Grant Committee and approval is given by the Board); and

d. The assets of the organisation are efficiently, effectively and otherwise appropriately protected and applied (ie having an appropriate process of grant approval that assures projects are of an appropriate standard, and that Commission resources are used efficiently).

For What are Assertions Used?

When we say a given system is operating satisfactorily we mean that our review has tested the truth of a set of assertions and we have found that they have been sustained. Thus testing the assertions is the purpose of the audit. ..→ Read More..

BPC SurveyManager

  • Are you looking for BPC SurveyManager Documentation or to learn more about the software?
link=BPC SurveyManager - Overview
Bundled with the BPC RiskManager suite and also supplied in both hosted and installed forms, the BPC SurveyManager software solution is an outstandingly versatile interactive web page generation engine using a survey model as the design and data storage paradigm. While being outstanding at survey creation and management the software is powerful enough to build build conventional data-input web pages. The full technical and SM language programming documentation is available from here.

Research into Virtual Worlds in Business & Education

  • Are you looking for our virtual Learning research papers?
link=Virtual Learning Systems
Through our Virtual Worlds research group - "Waisman Learning Systems", we do extensive work in the development of virtual learning and business spaces in SecondLife, and undertake considerable formal research into the application of Virtual Worlds to learning. You will find technical and text book material in our Virtual World Learning Systems pages. There is an extensive overview of the literature, and history of virtual worlds, a very large bibliography, details of our in-world networked lecture theatre control systems and lecture delivery systems, and a complete documentation of an extensive academic study undertaken by our WLS team into the effectiveness at achieving learning outcomes of different approaches in delivering course material in 3D virtual worlds.

You will find an extensive reading list and bibliography of works covering virtual worlds and virtual reality concepts, history, ideas, related technologies, and application in learning as well as relevant papers on learning taxonomies and teaching concepts relevant to virtual world learning systems here.

Internal Audit and Management Science

  • Are you heading up an Internal Audit Team or learning internal audit methods?
link=Internal Audit
If yes, you will find complete enterprise level internal audit methods and manuals on this site cross linked to our other management papers. The internal audit manuals cover everything from managing the audit team through planning the audit program to the detail of designing the audit, conducting interviews and undertaking the controls analysis; to reporting the results. Everything you are likely to need to manage and train an internal audit team is here.

  • Are you a manager, management consultant or student of Management Science?
link=Category:Management Science
You will find articles covering topics of general management and process management methods in the RiskWiki including the detailed theory and practice of plannning, process re-engineering, control theory and our proven theories in stakeholder network organisation modelling. The work here is generally unique to this site. All methods have been used extensively and effectively in practice. Start here with process engineering.

  • Are you managing a merger or an acquisition?

link=Managing Risk in Mergers & Acquisitions
Take a look here first and learn about the risks in mergers and acquisitions and successful strategies for managing them from our team who have been through it successfully from both sides or the equation multiple times.

Take A Random Look At The RiskWiki

From the Vault of the BPC RiskWiki...

SM Tutorial 1: A Simple Common Survey


In this survey we shall build a survey with the cool blue look you have seen in some of the examples. Remember, we are only building the "appearance of the survey", the content of the questions and headings is up to you. This presentation is suitable for all classic question - answer survey purposes, and is probably the most common format you will use. It is easy to change the colouring and fonts etc to suite your needs.

This is what it looks like with questions loaded:


Getting This Look

Step 1: Create a new survey in one of the BPC SurveyManager clients and call it whatever you like. Step 2: Working in the header section only, past the following into the "Layout-Form Shell" field:

<#JVScriptLib1><#CSSSheet ><#csslib1 >
<style type="text/css">
..→Read More..

CopyRight Bishop Phillips Consulting Pty Ltd 1997-2012 ( Main Page )
Personal tools