The complete functionality of CERRIX has been a reason for some of our bank customers to use CERRIX. Our specific knowledge of the Basel II / III and other supervisory requirements make CERRIX extremely suitable for banks. A few Risk & Control frameworks are supplied as standard.
A new mortgage bank is being set up based on a different business model than the existing one. The entire device is set up from scratch.
CERRIX is used for the elaboration of the High Level Process Designs that are a visual representation of future work processes. This is combined with the Risks, (Framework) Controls and Key Risk Indicators. This greenfield was able to build everything from the ground up and the approach helped very well with the design of the business processes.
The bank uses CERRIX for several purposes. This is a good example of how different 2nd and 3rd line responsibilities can use the same application. For the In Control process, the risk profiles per business unit are periodically assessed and managed by Operational Risk Management. In addition, Internal Audit can set out actions and manage follow-up through workflow. The Model Validation department can better control the quality of the applied calculation models.
A large number of pension funds and pension providers already use CERRIX. We have standard process models, dashboards and Risk Control Frameworks available.
A large pension provider wants to replace different systems with one integrated GRC application. The Audit, Compliance and Risk staff departments will jointly make use of one information system. This creates more uniformity in the use of the Risk Universe (organizational structure, business processes, services, etc.) and follow-up management of actions that have been set out. A great deal of efficiency can be achieved in the alignment between 1st, 2nd and 3rd line because the application optimizes their collaboration.
The ISAE3402 and COS3000 reports can be traced directly from the application.
The AVG can be supported by reporting data breaches, maintaining a processing register and turning off PIAs.
This industry-wide pension fund has outsourced asset management and pension administration to third parties. The risk management process needed a higher maturity level. The risk management committee wanted to automate the risk process more so that information could be provided faster and in a more structured manner. In addition to the risk inventory, a great deal of value was attached to the assessment of the effective operation of the Controls. The new risk tool therefore mainly had to support the Controls Testing process. In this way a tighter and faster monitoring of the Key Controls is possible.
CERRIX has supported an insurer with the structuring of non-financial risks. This included the governance, design of the risk management framework and the risk control process.
Municipalities, semi-government institutions but also central government work on programs to improve the risk management process. Various control frameworks can help to standardize the control framework more.