Object Referenced from model Referenced from object Referenced from attribute
Domain Expert IT Definition of Scope and Framework A.1 Definition of external environment Consulted
IT Definition of Scope and Framework A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework A.4 Formulation of impact limit criteria Consulted
IT Definition of Scope and Framework - CGF A.1 Definition of external environment Consulted
IT Definition of Scope and Framework - CGF A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework - CGF A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework - CGF A.4 Formulation of impact limit criteria Consulted
IT Definition of Scope and Framework - ERM A.1 Definition of external environment Consulted
IT Definition of Scope and Framework - ERM A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework - ERM A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework - ERM A.4 Formulation of impact limit criteria Consulted
IT Definition of Scope and Framework - ICS A.1 Definition of external environment Consulted
IT Definition of Scope and Framework - ICS A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework - ICS A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework - ICS A.4 Formulation of impact limit criteria Consulted
IT Monitor and Review A.14 Risk monitoring and reporting Consulted
IT Monitor and Review - CGF A.14 Risk monitoring and reporting Consulted
IT Monitor and Review - ERM A.14 Risk monitoring and reporting Consulted
IT Monitor and Review - ICS A.14 Risk monitoring and reporting Consulted
IT Risk Acceptance A.13 Risk acceptance Consulted
IT Risk Acceptance - CGF A.13 Risk acceptance Consulted
IT Risk Acceptance - ERM A.13 Risk acceptance Consulted
IT Risk Acceptance - ICS A.13 Risk acceptance Consulted
IT Risk Assessment A.5 Identification of risks Consulted
IT Risk Assessment A.6 Analysis of relevant risks Consulted
IT Risk Assessment A.7 Evaluation of risks Consulted
IT Risk Assessment - CGF A.5 Identification of risks Consulted
IT Risk Assessment - CGF A.6 Analysis of relevant risks Consulted
IT Risk Assessment - CGF A.7 Evaluation of risks Consulted
IT Risk Assessment - ERM A.5 Identification of risks Consulted
IT Risk Assessment - ERM A.6 Analysis of relevant risks Consulted
IT Risk Assessment - ERM A.7 Evaluation of risks Consulted
IT Risk Assessment - ICS A.5 Identification of risks Consulted
IT Risk Assessment - ICS A.6 Analysis of relevant risks Consulted
IT Risk Assessment - ICS A.7 Evaluation of risks Consulted
IT Risk Communication A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - CGF A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ERM A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ICS A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Treatment A.11 Implementation of action plan Consulted
IT Risk Treatment A.12 Identification of residual risks Consulted
IT Risk Treatment A.8 Identification of options Consulted
IT Risk Treatment A.9 Development of action plan Consulted
IT Risk Treatment - CGF A.11 Implementation of action plan Consulted
IT Risk Treatment - CGF A.12 Identification of residual risks Consulted
IT Risk Treatment - CGF A.8 Identification of options Consulted
IT Risk Treatment - CGF A.9 Development of action plan Consulted
IT Risk Treatment - ERM A.11 Implementation of action plan Consulted
IT Risk Treatment - ERM A.12 Identification of residual risks Consulted
IT Risk Treatment - ERM A.8 Identification of options Consulted
IT Risk Treatment - ERM A.9 Development of action plan Consulted
IT Risk Treatment - ICS A.11 Implementation of action plan Consulted
IT Risk Treatment - ICS A.12 Identification of residual risks Consulted
IT Risk Treatment - ICS A.8 Identification of options Consulted
IT Risk Treatment - ICS A.9 Development of action plan Consulted
Internal Audit IT Monitor and Review A.14 Risk monitoring and reporting Responsible
IT Monitor and Review A.14 Risk monitoring and reporting Accountable
IT Monitor and Review - CGF A.14 Risk monitoring and reporting Accountable
IT Monitor and Review - CGF A.14 Risk monitoring and reporting Responsible
IT Monitor and Review - ERM A.14 Risk monitoring and reporting Responsible
IT Monitor and Review - ERM A.14 Risk monitoring and reporting Accountable
IT Monitor and Review - ICS A.14 Risk monitoring and reporting Accountable
IT Monitor and Review - ICS A.14 Risk monitoring and reporting Responsible
IT Risk Assessment A.5 Identification of risks Consulted
IT Risk Assessment A.6 Analysis of relevant risks Consulted
IT Risk Assessment A.7 Evaluation of risks Consulted
IT Risk Assessment - CGF A.5 Identification of risks Consulted
IT Risk Assessment - CGF A.6 Analysis of relevant risks Consulted
IT Risk Assessment - CGF A.7 Evaluation of risks Consulted
IT Risk Assessment - ERM A.5 Identification of risks Consulted
IT Risk Assessment - ERM A.6 Analysis of relevant risks Consulted
IT Risk Assessment - ERM A.7 Evaluation of risks Consulted
IT Risk Assessment - ICS A.5 Identification of risks Consulted
IT Risk Assessment - ICS A.6 Analysis of relevant risks Consulted
IT Risk Assessment - ICS A.7 Evaluation of risks Consulted
IT Risk Communication A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - CGF A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ERM A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ICS A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Treatment A.12 Identification of residual risks Informed
IT Risk Treatment - CGF A.12 Identification of residual risks Informed
IT Risk Treatment - ERM A.12 Identification of residual risks Informed
IT Risk Treatment - ICS A.12 Identification of residual risks Informed
Risk Manager IT Definition of Scope and Framework A.1 Definition of external environment Responsible
IT Definition of Scope and Framework A.2 Definition of internal environment Responsible
IT Definition of Scope and Framework A.3 Generation of risk management context Responsible
IT Definition of Scope and Framework A.4 Formulation of impact limit criteria Responsible
IT Definition of Scope and Framework - CGF A.1 Definition of external environment Responsible
IT Definition of Scope and Framework - CGF A.2 Definition of internal environment Responsible
IT Definition of Scope and Framework - CGF A.3 Generation of risk management context Responsible
IT Definition of Scope and Framework - CGF A.4 Formulation of impact limit criteria Responsible
IT Definition of Scope and Framework - ERM A.1 Definition of external environment Responsible
IT Definition of Scope and Framework - ERM A.2 Definition of internal environment Responsible
IT Definition of Scope and Framework - ERM A.3 Generation of risk management context Responsible
IT Definition of Scope and Framework - ERM A.4 Formulation of impact limit criteria Responsible
IT Definition of Scope and Framework - ICS A.1 Definition of external environment Responsible
IT Definition of Scope and Framework - ICS A.2 Definition of internal environment Responsible
IT Definition of Scope and Framework - ICS A.3 Generation of risk management context Responsible
IT Definition of Scope and Framework - ICS A.4 Formulation of impact limit criteria Responsible
IT Monitor and Review A.14 Risk monitoring and reporting Informed
IT Monitor and Review - CGF A.14 Risk monitoring and reporting Informed
IT Monitor and Review - ERM A.14 Risk monitoring and reporting Informed
IT Monitor and Review - ICS A.14 Risk monitoring and reporting Informed
IT Risk Acceptance A.13 Risk acceptance Responsible
IT Risk Acceptance - CGF A.13 Risk acceptance Responsible
IT Risk Acceptance - ERM A.13 Risk acceptance Responsible
IT Risk Acceptance - ICS A.13 Risk acceptance Responsible
IT Risk Assessment A.5 Identification of risks Responsible
IT Risk Assessment A.5 Identification of risks Accountable
IT Risk Assessment A.6 Analysis of relevant risks Accountable
IT Risk Assessment A.6 Analysis of relevant risks Responsible
IT Risk Assessment A.7 Evaluation of risks Responsible
IT Risk Assessment - CGF A.5 Identification of risks Accountable
IT Risk Assessment - CGF A.5 Identification of risks Responsible
IT Risk Assessment - CGF A.6 Analysis of relevant risks Responsible
IT Risk Assessment - CGF A.6 Analysis of relevant risks Accountable
IT Risk Assessment - CGF A.7 Evaluation of risks Responsible
IT Risk Assessment - ERM A.5 Identification of risks Responsible
IT Risk Assessment - ERM A.5 Identification of risks Accountable
IT Risk Assessment - ERM A.6 Analysis of relevant risks Responsible
IT Risk Assessment - ERM A.6 Analysis of relevant risks Accountable
IT Risk Assessment - ERM A.7 Evaluation of risks Responsible
IT Risk Assessment - ICS A.5 Identification of risks Accountable
IT Risk Assessment - ICS A.5 Identification of risks Responsible
IT Risk Assessment - ICS A.6 Analysis of relevant risks Responsible
IT Risk Assessment - ICS A.6 Analysis of relevant risks Accountable
IT Risk Assessment - ICS A.7 Evaluation of risks Responsible
IT Risk Communication A.15 Risk communication - risk awareness - consulting Responsible
IT Risk Communication A.15 Risk communication - risk awareness - consulting Accountable
IT Risk Communication - CGF A.15 Risk communication - risk awareness - consulting Accountable
IT Risk Communication - CGF A.15 Risk communication - risk awareness - consulting Responsible
IT Risk Communication - ERM A.15 Risk communication - risk awareness - consulting Accountable
IT Risk Communication - ERM A.15 Risk communication - risk awareness - consulting Responsible
IT Risk Communication - ICS A.15 Risk communication - risk awareness - consulting Responsible
IT Risk Communication - ICS A.15 Risk communication - risk awareness - consulting Accountable
IT Risk Treatment A.10 Approval of action plan Accountable
IT Risk Treatment A.11 Implementation of action plan Accountable
IT Risk Treatment A.12 Identification of residual risks Accountable
IT Risk Treatment A.8 Identification of options Accountable
IT Risk Treatment A.8 Identification of options Consulted
IT Risk Treatment A.9 Development of action plan Accountable
IT Risk Treatment A.9 Development of action plan Consulted
IT Risk Treatment - CGF A.10 Approval of action plan Accountable
IT Risk Treatment - CGF A.11 Implementation of action plan Accountable
IT Risk Treatment - CGF A.12 Identification of residual risks Accountable
IT Risk Treatment - CGF A.8 Identification of options Accountable
IT Risk Treatment - CGF A.8 Identification of options Consulted
IT Risk Treatment - CGF A.9 Development of action plan Accountable
IT Risk Treatment - CGF A.9 Development of action plan Consulted
IT Risk Treatment - ERM A.10 Approval of action plan Accountable
IT Risk Treatment - ERM A.11 Implementation of action plan Accountable
IT Risk Treatment - ERM A.12 Identification of residual risks Accountable
IT Risk Treatment - ERM A.8 Identification of options Consulted
IT Risk Treatment - ERM A.8 Identification of options Accountable
IT Risk Treatment - ERM A.9 Development of action plan Consulted
IT Risk Treatment - ERM A.9 Development of action plan Accountable
IT Risk Treatment - ICS A.10 Approval of action plan Accountable
IT Risk Treatment - ICS A.11 Implementation of action plan Accountable
IT Risk Treatment - ICS A.12 Identification of residual risks Accountable
IT Risk Treatment - ICS A.8 Identification of options Consulted
IT Risk Treatment - ICS A.8 Identification of options Accountable
IT Risk Treatment - ICS A.9 Development of action plan Consulted
IT Risk Treatment - ICS A.9 Development of action plan Accountable
Risk Owner IT Definition of Scope and Framework A.1 Definition of external environment Consulted
IT Definition of Scope and Framework A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework A.4 Formulation of impact limit criteria Consulted
IT Definition of Scope and Framework - CGF A.1 Definition of external environment Consulted
IT Definition of Scope and Framework - CGF A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework - CGF A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework - CGF A.4 Formulation of impact limit criteria Consulted
IT Definition of Scope and Framework - ERM A.1 Definition of external environment Consulted
IT Definition of Scope and Framework - ERM A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework - ERM A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework - ERM A.4 Formulation of impact limit criteria Consulted
IT Definition of Scope and Framework - ICS A.1 Definition of external environment Consulted
IT Definition of Scope and Framework - ICS A.2 Definition of internal environment Consulted
IT Definition of Scope and Framework - ICS A.3 Generation of risk management context Consulted
IT Definition of Scope and Framework - ICS A.4 Formulation of impact limit criteria Consulted
IT Monitor and Review A.14 Risk monitoring and reporting Consulted
IT Monitor and Review - CGF A.14 Risk monitoring and reporting Consulted
IT Monitor and Review - ERM A.14 Risk monitoring and reporting Consulted
IT Monitor and Review - ICS A.14 Risk monitoring and reporting Consulted
IT Risk Acceptance A.13 Risk acceptance Consulted
IT Risk Acceptance - CGF A.13 Risk acceptance Consulted
IT Risk Acceptance - ERM A.13 Risk acceptance Consulted
IT Risk Acceptance - ICS A.13 Risk acceptance Consulted
IT Risk Assessment A.5 Identification of risks Consulted
IT Risk Assessment A.6 Analysis of relevant risks Consulted
IT Risk Assessment A.7 Evaluation of risks Consulted
IT Risk Assessment - CGF A.5 Identification of risks Consulted
IT Risk Assessment - CGF A.6 Analysis of relevant risks Consulted
IT Risk Assessment - CGF A.7 Evaluation of risks Consulted
IT Risk Assessment - ERM A.5 Identification of risks Consulted
IT Risk Assessment - ERM A.6 Analysis of relevant risks Consulted
IT Risk Assessment - ERM A.7 Evaluation of risks Consulted
IT Risk Assessment - ICS A.5 Identification of risks Consulted
IT Risk Assessment - ICS A.6 Analysis of relevant risks Consulted
IT Risk Assessment - ICS A.7 Evaluation of risks Consulted
IT Risk Communication A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - CGF A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ERM A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ICS A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Treatment A.10 Approval of action plan Responsible
IT Risk Treatment A.11 Implementation of action plan Responsible
IT Risk Treatment A.12 Identification of residual risks Responsible
IT Risk Treatment A.8 Identification of options Responsible
IT Risk Treatment A.9 Development of action plan Responsible
IT Risk Treatment - CGF A.10 Approval of action plan Responsible
IT Risk Treatment - CGF A.11 Implementation of action plan Responsible
IT Risk Treatment - CGF A.12 Identification of residual risks Responsible
IT Risk Treatment - CGF A.8 Identification of options Responsible
IT Risk Treatment - CGF A.9 Development of action plan Responsible
IT Risk Treatment - ERM A.10 Approval of action plan Responsible
IT Risk Treatment - ERM A.11 Implementation of action plan Responsible
IT Risk Treatment - ERM A.12 Identification of residual risks Responsible
IT Risk Treatment - ERM A.8 Identification of options Responsible
IT Risk Treatment - ERM A.9 Development of action plan Responsible
IT Risk Treatment - ICS A.10 Approval of action plan Responsible
IT Risk Treatment - ICS A.11 Implementation of action plan Responsible
IT Risk Treatment - ICS A.12 Identification of residual risks Responsible
IT Risk Treatment - ICS A.8 Identification of options Responsible
IT Risk Treatment - ICS A.9 Development of action plan Responsible
Senior Management IT Definition of Scope and Framework A.1 Definition of external environment Accountable
IT Definition of Scope and Framework A.2 Definition of internal environment Accountable
IT Definition of Scope and Framework A.3 Generation of risk management context Accountable
IT Definition of Scope and Framework A.4 Formulation of impact limit criteria Accountable
IT Definition of Scope and Framework - CGF A.1 Definition of external environment Accountable
IT Definition of Scope and Framework - CGF A.2 Definition of internal environment Accountable
IT Definition of Scope and Framework - CGF A.3 Generation of risk management context Accountable
IT Definition of Scope and Framework - CGF A.4 Formulation of impact limit criteria Accountable
IT Definition of Scope and Framework - ERM A.1 Definition of external environment Accountable
IT Definition of Scope and Framework - ERM A.2 Definition of internal environment Accountable
IT Definition of Scope and Framework - ERM A.3 Generation of risk management context Accountable
IT Definition of Scope and Framework - ERM A.4 Formulation of impact limit criteria Accountable
IT Definition of Scope and Framework - ICS A.1 Definition of external environment Accountable
IT Definition of Scope and Framework - ICS A.2 Definition of internal environment Accountable
IT Definition of Scope and Framework - ICS A.3 Generation of risk management context Accountable
IT Definition of Scope and Framework - ICS A.4 Formulation of impact limit criteria Accountable
IT Monitor and Review A.14 Risk monitoring and reporting Informed
IT Monitor and Review - CGF A.14 Risk monitoring and reporting Informed
IT Monitor and Review - ERM A.14 Risk monitoring and reporting Informed
IT Monitor and Review - ICS A.14 Risk monitoring and reporting Informed
IT Risk Acceptance A.13 Risk acceptance Accountable
IT Risk Acceptance - CGF A.13 Risk acceptance Accountable
IT Risk Acceptance - ERM A.13 Risk acceptance Accountable
IT Risk Acceptance - ICS A.13 Risk acceptance Accountable
IT Risk Assessment A.5 Identification of risks Informed
IT Risk Assessment A.6 Analysis of relevant risks Informed
IT Risk Assessment A.7 Evaluation of risks Accountable
IT Risk Assessment A.7 Evaluation of risks Informed
IT Risk Assessment - CGF A.5 Identification of risks Informed
IT Risk Assessment - CGF A.6 Analysis of relevant risks Informed
IT Risk Assessment - CGF A.7 Evaluation of risks Informed
IT Risk Assessment - CGF A.7 Evaluation of risks Accountable
IT Risk Assessment - ERM A.5 Identification of risks Informed
IT Risk Assessment - ERM A.6 Analysis of relevant risks Informed
IT Risk Assessment - ERM A.7 Evaluation of risks Accountable
IT Risk Assessment - ERM A.7 Evaluation of risks Informed
IT Risk Assessment - ICS A.5 Identification of risks Informed
IT Risk Assessment - ICS A.6 Analysis of relevant risks Informed
IT Risk Assessment - ICS A.7 Evaluation of risks Accountable
IT Risk Assessment - ICS A.7 Evaluation of risks Informed
IT Risk Communication A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - CGF A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ERM A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Communication - ICS A.15 Risk communication - risk awareness - consulting Consulted
IT Risk Treatment A.10 Approval of action plan Informed
IT Risk Treatment A.11 Implementation of action plan Informed
IT Risk Treatment A.12 Identification of residual risks Informed
IT Risk Treatment - CGF A.10 Approval of action plan Informed
IT Risk Treatment - CGF A.11 Implementation of action plan Informed
IT Risk Treatment - CGF A.12 Identification of residual risks Informed
IT Risk Treatment - ERM A.10 Approval of action plan Informed
IT Risk Treatment - ERM A.11 Implementation of action plan Informed
IT Risk Treatment - ERM A.12 Identification of residual risks Informed
IT Risk Treatment - ICS A.10 Approval of action plan Informed
IT Risk Treatment - ICS A.11 Implementation of action plan Informed
IT Risk Treatment - ICS A.12 Identification of residual risks Informed