How EQS Risk Manager supports your company: EQS Risk Manager helps you to safely implement your due diligence obligations and manage associated compliance risks – simply and efficiently.
Upload or transfer, and then manage relevant company/supplier data in the data center
- Central collection of company-specific data, also for subsidiaries and (in)direct suppliers
a) Analysis and prioritization in the company overview
- See which companies require closer examination or specific measures
- Clear prioritization of further risk management efforts
b) Efficient management of multiple companies/suppliers with groups of companies
- Bundle companies with similar potential legal violations, for more effective action and management
a) Supplier evaluation and certificate requirements
- Via the Risk Manager, suppliers are invited to join and self-evaluate on the EQS Supplier Platform
- Result: Assessment of LKSG conformity / Validation by certificates
b) Complementary manual risk assessment for specific high-risk suppliers
- Implementation and documentation of a focused risk analysis in accordance with the LKSG
c) Assignment of potential legal violations to individual suppliers
- Supplementing the focused risk analysis by documenting the feared violations of the law with the help of the
a) Organization of measures with integrated task management
- Planning of selected preventive measures for the respective company or group of companies
Basis: register of measures
- Pre-filled register of measures serves as a starting point for the assignment of measures
Grievances and ad-hoc remedial measures can be organized, documented and connected to ongoing risk management
- Automatic transfer of relevant grievances from the EQS Integrity Line
- Linking incoming grievances with risk groups, companies and measures
Effectiveness control based on the evolution of risk assessments over time
- Regular and event-related risk analyses are documented and, if necessary, archived
- The traceability of risk development over time makes it possible to monitor the effectiveness of measures
The traceability of risk development over time makes it possible to monitor the effectiveness of measures.
- Simple reporting based on continuous documentation in a dedicated reporting function
You have questions? We have answers!
The risk manager plays a crucial role in the overall non-financial risk management of your company, particularly addressing Supply Chain Due Diligence, requirements . As such, it helps you comply with specific regulations such as the German Supply Chain Due Diligence Law (Lieferkettensorgfaltspflichtengesetz or LkSG), or other nationally relevant supply chain due diligence regulations.
The risk manager is primarily designed to help users comply with common supply chain due diligence requirements, e.g. those of the German Supply Chain Due Diligence Act, of similar supply chain due due diligence laws in other countries, or of the UN’s and OECD’s related requirements. The user can also customize the types of potential legal violations managed in the system, as well as the measures to manage risks of violations. This opens a broad range of further application possibilities in regards to the management of other compliance risks. However, the tool is not intended for the management of commercial risks.
The risk manager can benefit companies across all industries, sectors, and countries. It offers users the flexibility to incorporate industry or sector-specific violations and measures, ensuring wide-ranging applicability. It also contains abstract risk ratings for all major sectors.
The risk manager is a comprehensive non-financial risk management solution, particularly focused on addressing human rights and environmental risks. It is specifically tailored to prioritizes risks based on criteria such as the potential number of affected individuals, the severity of effects, the probability of occurrence, and the potential for remediation.
The risk manager offers several features to assist you in prioritizing your efforts to manage risks effectively:
- a. Abstract Risk Calculation: The system automatically calculates an abstract risk score for suppliers based on country and sector as soon as they are uploaded to the risk manager.
- b. Filtering Capabilities: The risk manager allows you to filter suppliers based on various criteria for e.g., abstract risk, spend, number of employees, country, sector, and user tags. This enables you to focus on suppliers that may pose higher risks or are of greater significance to your organization.
- c. Supplier Evaluation: For additional information on your suppliers, our supplier evaluation feature enables you to efficiently obtain further first-hand information from your suppliers, helping you to assess supplier-specific risks.
The risk manager continuously documents your due diligence efforts, including the risk analysis, its results, and the measures you take in order to manage risks. Based on this, the risk manager can automatically compile most of the answers to the questions which the BAFA (Bundesamt für Wirtschaft und Ausfuhrkontrolle) asks in it’s digital reporting platform.
Yes. The risk manager provides a range of training and support resources to assist users in their risk management efforts. This includes a comprehensive library of violations that encompass the protected positions defined by the LksG and a library of measures to effectively manage and prevent these violations. Furthermore, the risk manager includes a selection of templates such as the Declaration of Principles, training materials, and audit checklists.
The risk manager is currently available for use in German and English. However, new languages will be added soon.
EQS Group supports compliance with the European Data Protection Regulation (GDPR) and other data protection regulations worldwide through various measures at the organizational, technical and functional level.
At the organizational level, through measures taken for information security and data protection in the form of a proper and certified ISMS according to ISO 27001 standards. This is subject to regular internal and independent audits.
Customers have the option to use both private or public clouds, with private clouds being offered in France, Germany and Switzerland.
The estimated timeline for implementing the risk manager, including supplier data upload and integration, typically ranges from 2 to 6 weeks.