Introduction
Course Introduction
This course explains the theory, implementation and operation of the Business Units, Assets, Third Parties and Liability module and how they relate to other modules within eramba
Primarly this course requires you to undertand "Theory". Eramba "Use Cases" require this module to be implemented, for that reason these guides make constant regerence to this course "Theory" and "How-To" Guides. Advanced Configurations explain you how to implement this module with more sophisticaeted configurations.
Typical Scenarios
This chapter explains ways in which these modules are used in eramba:
-
BU, Process, Assets, Liabilities, Third Parties are used in Risk Management (Asset, Third Party and Business Risk)
-
Third Parties are used in Online Assessmnets to perform Supplier Assessments
-
Assets are used for Data Privacy and optionally for Account Reviews
Supported Versions
This feature runs on Community and Enteprise versions.
Theory
Scope
Before diving into the technical details of how these modules function in eramba, it is important to define what they are intended to store:
-
Business Units: These are the departments within your organization (e.g., IT, Sales, HR). Processes are optional sub-elements that describe the specific activities these departments perform. A single Business Unit (BU) can oversee one or more Processes.
-
Assets: These are the physical and digital items owned by the organization, such as laptops, applications, databases, or data. Every Asset must be related to at least one Business Unit. For example, the "IT" Business Unit would be associated with the "Laptops" Asset. This module is not intended to function as a CMDB (Configuration Management Database). It is not designed to store every individual laptop, server, or device in the organization. Instead, it should be used to maintain a high-level inventory of asset categories, such as an Asset called "Laptops" rather than records for each individual laptop.
-
Third Parties: For most organizations, Third Parties primarily represent suppliers and vendors. While this module can also be used to manage other external parties, such as customers, partners, or contractors, its main purpose is typically vendor and supplier management.
-
Liabilities: These are the contractual or legal agreements your organization has entered into. They represent the obligations that affect your Assets, Business Units, and Third Parties.
These are supporting modules that aid the implementation of one or more "Use Cases", the following section shows how they relate to these use cases.
Risk Management
While this is explained in more detail in the Risk Management Use Case guide, the brief explanation is that these modules provide the necessary context for your Risks.
You cannot use any of the three Risk modules without first utilizing these supporting modules. As you can see in the diagram below, Business Units, Assets, Third Parties, and Liabilities act as the foundational data that feeds directly into your Risk assessments.
Online Assessments
When working with the Online Assessment Use Case, you will see that assessments can take different inputs depending on the questions you ask and their specific purpose. While these associations are not mandatory for an Online Assessment (OA), they are often highly desirable for data integrity.
Data Privacy
To create a Data Flow (something essential for Data Privacy), you must have at least one Asset defined. And, as we now know, every Asset requires at least one Business Unit to be associated with it.
