Risk Management Tools Overview
CobbleStone Software is packed with many risk management and risk mitigation tools. This document is not intended to be a comprehensive guide for risk mitigation and management as many of the CobbleStone features include risk management and often depend on the out-of-box fields, configured fields, configured rules, industry requirements, your organization policies & procedures, corporate legal advice, and creative usage of the tools covered in this document.
Basic risk tools
Some of the basic risk mitigation tools include:
- Keeping basic record tracking such as tracking counterparties (vendors and customers), employees, contracts,purchase orders, sourcing needs, and requests.
- Enabling workflow tasks for approvals on the records mentioned above.
- Using document templates to ensure the proper clauses are used.
- Enabling e-signatures to ensure signatures are obtained on important documents and stored in the system.
- Using on-screen alerts to notify users if a record is out of bounds based on field conditions that you configure in workflow.
- Ensuring field validation so your team is providing data for the fields your organization requires.
- Using ad-hoc reporting to monitor many records based on conditions that meet risk criteria. Add the reports to a dashboard to quickly monitor outliers and schedule the report to email managers the report data routinely.
Advance risk management tools
CobbleStone also offers more advanced risk management tools:
- Vendor/Customer risk score cards are useful to measure items specific to a customer or vendor such as their revenues, their performance, their quality, the sensitive information your organization shares with the external party, and more The risk rating feature is a score card tool built into CobbleStone software that enables you to add a risk raking to each vendor and customer. The system tracks the item measured, the category, and the score and trends this data to provide a picture, a score card, of how well the counterparty is performing based on the rated category and/or measure. Additionally, it compares the vendor/customer to other counterparties in the system in the same rated category.
- e-Souring Bidder Rating is a useful too (and required in public procurement) that enables your team to rate each bidder on a bid response (such as a Request for Proposal (RFP), or RFI, and other bid request). It gives the procurement team the ability to quantitatively measure a bidder’s response based on rating category and document why the award was made to the best vendor. The system calculates the average rating provides ratings to enable comparative responses. For better cost control, enable Line-item Bidding to compare what bidder has the best price for a commodity or service when running a bid.
- Risk Assessment Profile Mapping tool is a powerful tool to profile contracts and procurement records based on risk exposure items. The CobbleStone Risk Assessment tool is a rating engine that enables your organization to define risk categories for each exposure your organization has from contract or other risk items and enables your team to assessment the amount of risk for each exposure category and define the probability (or likelihood) the risk may occur. Overtime and as rate risk items (such as contracts, vendors, purchases, etc.) are rated, you can quickly find the risk items outside your company’s acceptable range of risk. This provides a standards-based method to recognize risk and re-evaluate outlying risks.
Artificial Intelligence & Machine Learning
Artificial Intelligence & Machine Learning leverages advanced analytics and statistics combined with artificial intelligence, CobbleStone’s VISDOM™ AI, to help further reduce risk.
Risk Mitigation with Artificial Intelligence with Correlation & Regression has been added to CobbleStone Software and helps by using advanced statistics to recognize risk and both positive and negative patterns. Once a pattern or a trend is detected via correlation and regression analysis, rules can be set to enable the CobbleStone Software AI Engine to make intelligent recommendations based on available data. This provides a standards-based method to recognize risk and re-evaluate outlying risks. For advanced intelligence, have criteria update over time to enable the systems to learn (via Machine Learning). For example, your risk team may want to find out if your financial exposure on services your firm provides is too high for the price of the contract. One would track the indemnification/exposure amount in a contract field along with the contract value for each contract record. The user can then use VISDOM to detect patterns and determine if the two data points are correlated and to help make recommendations. The VISDOM engine will inform you if there is a correlation, if the correlation is positive or negative (a positive correlation may be the higher indemnification exposure as the contract value increase). the rule can be saved and reprocessed to re-evaluate this risk periodically. As a benefit, it can provide onscreen alerts if there are outliers (such as “this contract has 20% higher exposure versus similar contracts”). Moreover, VISDOM measures the amount of indemnification (or financial exposure to your company) for similar services related to the contract price.
Text and Word/Phrase Mining of Document Text Contract Language, Clauses, Terms.With VISDOM artificial intelligence, risk detection of phrases, words, and clauses is easier. The system reads document text and makes recommendations based on the information learned. For example, a good risk mitigation practice is to review terms, conditions, and requirements in contract language to determine if the contract is of an acceptable level of risk to your organization. Next, the risk manager (or attorney) determines if the risk can be mitigated by an addendum to the terms, a new contract at renewal time, or implementation of risk mitigation controls and monitoring. Included in CobbleStone Software Enterprise Edition is a risk engine to help read contract document text, extract text and terms from files quickly, and provide alerts for outliers or items that may be risky to the organization. For example, risk analysis can be used to detect the governing law clause. You simple teach (configure) the rules engine to recognize the term governing law (and applicable variants thereof). Then the next time a contract record is uploaded, VISDOM will review the document and extract text in proximity to the phrase governing law.Another example is searching for PII, personally identifiable information. If you want to review contract documents [when loaded to the system] that contain personal information such as an employee name, email address, customer name or email address, bank routing numbers, or credit card numbers. VISDOM can check the document against the counterparties and employee contact information in Cobblestone Software and extract the data.Additionally, VISDOM can recognize patters that it has been taught to locate money, social security numbers, bank routing numbers, and other sensitive data in documents. This process is great for detection of words, phrases, and risk data when new contract is added. Keep in mind that this is not an exact process as text may be derived from scanned documents, OCR which is not perfect, and the terms of a contract may be offset by other clauses and exhibits. Always have an attorney review your contracts for legal interpretation. See below to perform mass extraction on existing documents.
Bulk Extraction of Text and Clauses in Document Text and Contract Documents.With VISDOM artificial intelligence, bulk extraction of phrases, words, and clauses is easier. For example, you are a new general counsel or risk manager and need to find out into which contracts your company has entered to have an option to purchase properties under lease. If you have 100 lease documents to review, that review may be easy to do as a human. However, if you have thousands of contracts to read and review in a short amount of time, this would be incredibly time consuming for a human, but it is easy to load the contract files into CobbleStone Enterprise Software, let VISDOM detect the text, and then run a job to detect words and phrases and extract the text for legal review. For this example, we just enter in the words we want VISDOM to find, such as option to purchase, purchase options, purchase, and other variants of this word or phrase. Next, we let VISDOM review/read all the text files in its data store and extract the paragraphs and words in proximity to each of these words/phrases it was taught. VISDOM then provides a spreadsheet of each file that contained these words/phrases and the text in proximity to the words/phases. A risk manager or a legal profession can then interpret the results. This process is great for detection of words, phrases, and risk data for a large amount of contract documents. Keep in mind that text extraction is not an exact process as text may be derived from scanned documents, OCR which is not perfect, and the terms of a contract may be offset by other clauses and exhibits. Always have an attorney review your contracts for legal interpretation.