Leveraging the ORX Data Risk Taxonomy with Modifications
The data governance lead at a large company needed to quickly develop a first draft of a data risk register. Data Risk is a component of operational (non-financial risk). The Tavro team leveraged the ORX Operational Risk Taxonomy of Level 1 and Level 2 risks as the basis for this exercise. The Tavro team modified the ORX taxonomy to add data-related risks such as data fluency/literacy.
Tavro Data Risk Register Agent
The Tavro team interviewed the Data Governance Lead on their Data Risk program. We then ingested a transcript of that interview into the Tavro AI Agent. The Tavro AI Agent generated a report with the following table contents:
- Introduction
- Data Risk Register Table
- Bar Chart with Risk Scores by Level 2 Risk
Data Risk Register
The Tavro AI Agent cataloged specific vulnerabilities against the Level 2 risks in the taxonomy. Given firmographics of the organization (headcount, industry, revenues), the agent used deep research to develop an initial assessment of Risk Likelihood and Risk Impact (Low – 1, High – 3). The Risk Score was computed as follows:
Risk Score = Risk Likelihood x Risk Impact
The agent also produced a bar chart plotting the risk scores for each Level 2 Data Risk.
Tavro AI Agent Generated Report in a Matter of Minutes to Prioritize Next Steps for the Data Governance Lead
The report helped the Data Governance Lead align with their internal stakeholders on next steps on the project. If the Data Governance Lead was unaware of risks, they were marked as N/A. This approach flagged areas for further research by the Data Governance Lead.
Based on previous experience, a similar report would have taken several weeks to produce. Using the Tavro agent, this report was produced in a matter of hours.
