Organizational Hierarchy Extra

Organizational Hierarchy

The Organizational Hierarchy Extra enables the ability to define multiple Business Units which can include any number of teams. Users can then be assigned across one or more teams under various Business Units. This affects a user's ability to see and use the teams, users, and assets to which they are not associated.

What are SimpleRisk Extras?

SimpleRisk Core is our widely acclaimed, award winning, free and open source product that has been downloaded over 60,000 times and contains all of the basic Governance, Risk Management and Compliance (GRC) functionality needed to establish a foundational GRC program. As an organization’s GRC program matures, extended functionality is often required to meet requirements beyond what is available in the SimpleRisk Core offering.

To address these expanded needs, SimpleRisk has developed a variety of plug-and-play modules termed "Extras" that provide functionality above and beyond our SimpleRisk Core offering. These plug-and-play modules will be essential to the success of your GRC program as your organization grows and matures its processes. While all of our Extras are available in packaged bundles with both SimpleRisk On-Premise and Hosted deployment models, they can also be purchased A La Carte for those organizations that choose to deploy our platform on-premise.

Why was the Organizational Hierarchy Extra created?

Prior to introducing the Organizational Hierarchy Extra, the only way in which SimpleRisk customers could implement separation within their organization was by using our Team-Based Separation Extra, which provides separation of risks at the team level or by purchasing a completely separate instance of SimpleRisk, which was not a very cost-effective alternative. After obtaining feedback from a number of our larger Customers we realized that there was a need to provide separation at a higher level, like a Business Unit. This was not so much to prevent one group from seeing another's risks, as that is handled via Team-Based Separation, but to enable separation between one Business Unit from another.

To address this requirement, we introduced the Organizational Hierarchy Extra. This Extra makes it so that SimpleRisk will only show you users and teams that belong to your business unit. This is not a "separate SimpleRisk instance" per se, since it allows for the same SimpleRisk system to be used across these separate teams, but it does enable discrete business units to leverage the fully-featured version of SimpleRisk and use the Customization Extra to create custom risk templates to match specific use cases, workflows and naming conventions. Organizational Hierarchy also allows you to hide assets that aren't a part of a given business unit.

How is the Organizational Hierarchy Extra used?

The Organizational Hierarchy Extra enables organizations, especially larger ones, to establish separate Business Units within SimpleRisk, such as a Legal Entity, Finance, IT, Security Operations, or Geographic locations. This is especially beneficial when these separate entities have unique risk management requirements such as use cases, workflows, naming conventions and reporting and eliminates a barrier to wider adoption.

Organizational Hierarchy

What users would benefit from the Organizational Hierarchy Extra?

Organizational Hierarchy offers benefits to SimpleRisk administrators and technical users, business users, management, separate Business Units (BUs) and ultimately, the entire organization.  This Extra provides the ability to:

  • Accelerate user adoption by customizing templates to match unique BU naming conventions;
  • Tailor GRC functionality per BU making SimpleRisk easier to administer in large organizations;  
  • Measure how BUs are doing against risk mitigation goals to prioritize mitigation efforts;
  • Gain an organization-wide view of risk by rolling up the combined risk metrics from BUs;
  • Compare organization-wide risk metrics to BU metrics to determine which BUs are falling short.

Which plans include the Organizational Hierarchy Extra?

The Organizational Hierarchy is priced separately and is not included as a part of our On-Premise or Hosted plans. The reason for this is based on our concern that "resellers" could potentially use the Organizational Hierarchy Extra to procure one copy of the SimpleRisk Extras and then use that to create a single platform for multiple customers.  Clearly, that's not the spirit under which Organizational Hierarchy was introduced nor intended to be used.  

Organizational Hierarchy is only available as an add-on to our On-Premise Premium Package and our Hosted Large Enterprise Plan, and is priced per Business Unit / Year.  Please note that for organizations with a large number of Business Units, we are able to offer an unlimited BU / Year pricing model.

How can I learn more about the Organizational Hierarchy Extra or try it out for myself?

To learn more about the Organizational Hierarchy Extra or discuss specific use cases for how your organization could use it, feel free to schedule a demo online. If you would like to try out the Organizational Hierarchy Extra functionality for yourself, we offer a free (no credit card required!) 30 day trial. Please reach out to SimpleRisk Support if you have any additional questions about the Organizational Hierarchy Extra or any of the additional functionality that we offer.