Risk Management Software from Opture

The Opture Risk Management Software is modularely upgradeable from a simple ERM (=Enterprisewide Risk Management) software Opture ERM Basic for beginners, over the Opture ERM Advanced version with Monte Carlo simulation for experienced risk managers up to the Opture ERM Expert version for professionals. All software solutions from Opture are intuitive to use, customer configurable, individually administrable, easy to implement and available in multiple languages.

Call us on +49 40 86 62 77 88 or email us at info@opture.com

Order your free personal software presentation or our detailed product brochures now.

Opture 5i-Concept

Opture 5i-Concept

The Opture 5i-Concept characterizes the unique selling proposition of the Opture risk management software:
Intuitive usability and "look & feel" for a high user acceptance.
Innovative methods and functionalities for the hierarchical aggregation of risk data and ensuring highest data quality.
Intelligent filter functions for efficient risk analysis and optimal risk steering.
Individual configuration and administration of the software for mapping customer-specific structures and individual authorization rights.
Informative reporting through automatically updated and event- or addressee-related risk reports.

Advantages 5i-Concept

Regulatory and security modules

The Opture risk management software modules listed below will assist you in meeting regulatory requirements and mapping ISO standards or implementing certifications.

Information Security - ISMS

With the Module ISMS of the Opture risk management software we support you in the professional organization and documentation of your information security system (ISMS). The requirements according to ISO / IEC 27001, EU-DSGVO and BSI-IT-Grundschutz are represented by the functionalities of the Opture software and thus support you with your certification.

  • Assessing and managing information security risks, e.g. according to ISO 27001, ISO 27002 or ISO 27005
  • Identification of criticality and protection requirements of processes and assets in terms of protection goals
  • Identification and documentation of information security measures
  • Management of Security Incidents (Security Incident Management)
  • Inventory of the protected objects (asset inventory) including inheritance of the protection requirement
  • Analysis of the status and degree of fulfillment of the information security requirements
  • ISMS Status Report with real-time information about the status and progress of the ISMS

Business Continuity - BCM

With the Module BCM of the Opture risk management software we support you in the implementation and operational realization of Business Continuity Management (BCM) according to ISO standard 22301.

  • Assessment and management of BCM relevant risks
  • Documentation of the processes and objects in the Business Impact Analysis (BIP -> Processes, Resources, Downtime, Restart Parameters, Inheritance Dependencies)
  • Storing phases of "restart" (e.g. 1. immediate measures, 2. emergency restart, 3. emergency operation, 4. normal operation recovery, 5. post-processing)
  • Definition of roles and responsibilities in the event of a crisis (including alerting and communication channels)
  • Documentation and management of derived measures
  • Link to "continuous improvement processes" (CIP)
  • BCM Status Report with real-time information about the status and progress of the BCM

Data Security - DSMS

With the Module DSMS of the Opture risk management software we support you in the development and further development of the Data Security Management System (DSMS) and the implementation of the requirements of the EU General Data Protection Regulation (EU-GDPR). The requirements for an efficient and effective DSMS are fully met.

  • Central administration of data protection requirements, also according to Art. 35 EU-GDPR (Data Protection Impact Assessment)
  • Identification and evaluation of data protection risks, as well as documentation of technical and organizational measures (TOM)
  • Evaluation and follow-up of data protection measures (including TOMs)
  • Documentation and management of events against data security
  • Data protection report (including "List of processing activities")

Compliance - CMS

With the Module CMS of the Opture risk management software we support you in the implementation and operational realization of the Compliance Management System (CMS) according to ISO 19600.

  • Qualitative and / or quantitative evaluation of compliance risks
  • Central storage for documents
  • Definition and monitoring of controls and monitoring measures
  • Management compliance violations and initiation of continuous improvement
  • Monitoring compliance measures
  • Standard and custom configurable compliance reports

Risk Reporting

Opture Risk Reporting

The risk report in Opture can be configured individually as needed and automatically updated by just pressing of a button. A standard risk report can be provided as flow text (e.g. executive summary) or in chart form (e.g. presentations) with approx. 100 graphical variants stored in the software, which can be configured and changed at any time by the user according to his/her needs. Users can also upload individual risk reports in the form of their own report templates into the risk management software, whose contents are then filled with the calculated risk results. All graphics and data in the text passages are automatically updated with the newly calculated results at the push of a button.

Advantages for Reporting

  • Standard report available
  • Individual reports importable
  • Reports individually configurable
  • Automatic report-updating
  • Reports for different recipients
  • Text and presentation reports


The Opture risk management software provides an overall view of the interrelationships between business units, processes, functional units, risk categories, risks/opportunities/measures and their risk owners. All Opture software solutions are web applications and compatible with all standard servers, databases (Oracle, IBM, MySQL), browsers (IE, Firefox, Safari), operating systems (Windows, Linux, Solaris) and end devices (PC, tablet, mobile phone). Due to the professional system architecture and special developments, the Opture risk management systems meet the highest data security requirements.

Intuitive Operation

All Opture software solutions are intuitive to use and the results are transparent and plausibly understandable.

Modularly Extendible

Opture is modularly extendible from a simple entry-level software (Basic) to a high professional ERM system (Expert).

Easy to Administer

Users and access rights (roles, clients) can be created and modified individually by the risk manager.

Individually Configurable

The risk manager can configure all structures in the software individually as he/she wishes at any time, w/o external support.

Fast and Result-oriented

Opture is built in such a way that the up-to-date results and reports can be accessed from every step of the process.

Efficient to Implement

Our Opture software solutions are compatible with all standard servers and databases. We also offer hosting options.

Functions & Features

All Opture risk management software solutions map the complete risk management process. Within the framework of a fully integrated system, the contents and functions of the individual risk management process steps are interlinked.

With regard to administration and configuration, Opture risk management software offers the highest degree of flexibility, which allows the user to modify structures and content in the software, thus enabling individualisation of the entire application.

System Integration

The Opture risk management software is a fully integrated enterprisewide risk management system. The software can be successively expanded modularly, from a simple application for beginners to the professional application for experienced risk managers and experts. In contrast to many other risk management software solutions, no third-party systems are used, not even when using a Monte Carlo simulator. All contents and activities of the risk management process are fully linked and integrated so that users can work without interruption in terms of content and technology.

The Opture risk management software is easy to implement and will be done by our experienced technicans in coordination and cooperation with your IT department. The Opture system is compatible with ALL standard databases, servers and operating systems. For our customers we also take over the hostoing of the software (-> with highest security standards, which we also offer and implement for financial institutions).

Software Administration

Opture risk management software is easy to administer by authorised users. The application has a role and client-enabled authorisation concept. The administrator can independently create new users and define individual access rights or roles for individual users. This enables the definition of both the authorised activities (e.g. reading, writing, calculating, reporting, etc.) and also the structures (e.g. business units, risk categories, risk owners, etc.) for which these activities are valid. Thus, in an extreme case, access (reading, writing, etc.) can be restrictively controlled individually up to the individual risk level for each risk owner. Furthermore, different views of the interfaces (e.g. to reduce the contents at the input mask) can be defined for the user.

The Opture software includes a sign-off procedure for the "approval" of risks and the assessments of these by supervisors or risk managers. In the context of this sign-off procedure, the respective supervisor assesses the risks identified and evaluated by his/her employees and, where applicable, approves these. This workflow ensures that the risk assessments have been accepted and approved across all hierarchy levels.

For auditing security, Opture includes a "logging" (-> audit trail) in which all processes and activities of the users within the software are stored and documented.

Software Configuration

The Opture risk management software is independently configurable by the administrator and/or by users with appropriate authorisation rights. All individual structures of a company can be represented in the software with their affiliated /subsidiary companies and hierarchy levels. The user can independently modify (-> edit, rename, delete, move) all structures (-> organisation, processes, risk owners, risk categories) and create and/or add new structures. The user can therefore individually configure the Opture software according to his/her structural requirements.

Industry Specific Risk Catalog

The Opture risk management software includes a comprehensive, consistent and industry-specific risk catalog. This risk catalog, based on benchmark data, can be taken over by our customers risk manager, modified or replaced by the company's own risk catalog.

Sign-off Process

The Opture risk management software includes an sign-off procedure for the "approval" of risks and their assessments by superior employees. As part of this sign-off process, the respective supervisor employee assesses the risks that have been identified and evaluated by his employees and releases them if necessary. This workflow ensures that the risk assessments were accepted and cleared across all hierarchy levels.

Risk Profiling

To increase data quality, Opture risk management software can define so calles "risk profiler", beside the risk owners. The risk profilers are experts who provide additional risk assessments. Compared to conventional risk assessment methods, Opture's "Risk Profiling Concept" significantly improves the data quality of risk assessments.

Steering Efficiency

The results from the risk analysis are used as an input for the risk steering. For an efficient risk steering it is important to define suitable steering measures for risk mitigation. Intelligence risk steering is characterized by proactive behavior. Risk steering takes place at three different levels, at the level of the (1.) holding or the entire enterprise, (2.) affiliated companies (e.g. subsidiaries), (3.) functional units (e.g. sales, production, etc.) and (4. ) risk categories (e.g. compliance, operations, etc.).

For an optimal risk steering it is neccessary to analyze wheather the already implemented or planned measures are efficient or not. Often it can be observed that the measure costs are the same as the risk values or the mitigation effects, which is obviously not efficient. Therefore it is neccessary to define the risk mitigation effects and mitigation costs and consider them within the calculations.

Portfolio Evaluation

Efficient risk management takes place both at individual risk level and at consolidated level (-> diversification effects). Often, for a sustainable and value-orientated risk management, it is not sufficient or appropiate to specify and depict the top 10 risks in a risk map because both (1.) market risks (often with an average value of "0" lile exchange rates or raw material price volatilities -> normally distributed) such as (2.) correlated risk which occurr simultaneously (-> cause of the crisis in 2008/2009) are not considered.

The Opture risk management software enables the analysis and steering of individual and company-specific risk portfolios. Risk portfolios can be individually defined by the users, across all hierarchy and structure levels. For example, it may be relevant to calculate the risk exposure of the compliance risks of an American subsidiary and to derive and define specific steering and risk mitigation measures for this purpose.

Risk Driver Function

In the Opture risk management software, the risk drivers for each risk can be specified and calculated. In addition, the sensitivities and risk exposures of the individual risk drivers can be calculated and appropriate steering measures can be derived.