The present invention relates to a computer-implemented method of generating a ranking dataset according to claim 1 , in particular for ranking functional entities according to their performance. Furthermore, the present invention relates to a data processing system according to claim 13. Moreover, the present invention relates to a computer program product according to claim 14. Finally, the present invention relates to a computer- readable data carrier according to claim 15.

Technological Background

Functional entities may be represented by or comprised of any kind of technical processes generating a certain output. The functional entities maybe a certain type of facility, such as a wind turbine, solar power plant, water refinery, or a combination of such facilities, e.g. as a wind park, or assets of a company operating those facilities in order to generate a certain output. This output can be a utility, e.g. electricity, gas or water supply, as provided by companies from the "green sector", dealing with renewable energies, waste management, recycling, and alike.

Methods for generating ranking datasets for ranking functional entities according to their performance as well as corresponding data processing systems, computer program products, and computer-readable data carriers are known from the prior art.

An example for performance measurements according to the prior art are so-called key performance indicators (KPI) which help in evaluating the performance of functional entities. Performance or success is commonly defined in the degree of achieving an operational goal or making progress towards a goal, such as a certain output. For determining KPIs, certain performance indicators have to be measured as values for computing a performance of the functional entity. The performance indicators can be presented by numbers for making quantitative or qualitative measurements. Input indicators can measure an amount of resources used for generating a certain output. Process indicators can help in measuring efficiency of the functional entity of processes therein. Output indicators can help in quantifying an output of the functional entity, etc.

When functional entities are based on or related to technical processes, such as manufacturing processes, processes for converting energy and/or substances, which generally involve measurement and control algorithms and other IT operations, the KPIs defined for assessing performance of the functional entities commonly involve factors like reliability, availability, maintainability, and safety (RAMS), wherein reliability is defined as an ability of the functional entity to perform according to certain standards in a reliable manner. Availability reflects the ability of keeping the functional entity in a functioning state. Maintainability depends on the efforts for maintaining the functional entity.

A main factor in assessing the performance of functional entities especially in the "green sector" is their reliability because purpose and output of those functional entities are closely linked to fundamental demands of contemporary civilisations in that they depend strongly on reliable and sustainable water, energy and consumable supplies as well as sanitation. Determination of the reliability often goes hand in hand with reliability engineering for determining the ability of the functional entities to function under predefined conditions for a desired or required period of time. Reliability is commonly defined as complementing a probability of failure, i.e. the frequency of failures, in that reliability equals 1 minus the probability of failure.

The probability of failure is commonly measured by the so-called mean time between failures (MTBF) which is supposed to be protecting a timespan between inherent failures of a functional entity during standard operation. For example, the MTBF is defined as an arithmetic average time between the occurrence of failures of the functional entity. Based on the MTBF of the functional entity, availability of that functional entity and therefore performance of the functional entity can be determined. If comparable with each other, functional entities can then be ranked according to their respective MTBF.

Methods for determining KPIs, such as RAMS, according to the prior art, by implication commonly aim to provide an assessment of quantitative or qualitative risks involved in the operation of functional entities. In such so-called risk assessment, parameters like the MTBF representing a probability (p) of a loss of failure are multiplied with an estimated magnitude of the potential loss (L) caused by the failure in order to arrive at a theoretical risk (R) of operating a functional entity. As functional entities often involve or comprise complex technical systems, an assessment of the risks has to take into account both, reliability and safety engineering as well as analysis of environmental impacts. According to the prior art, such risk assessments are commonly carried out in the field of energy engineering, in particular nuclear power plants, oil platforms and refineries, as well as transport, e.g. air travel and railroads or alike.

Due to the complexity of functional entities, in particular technical systems, according to the prior art an assessment of quantitative risks involved in the operation is carried out by quantitative risk assessment (QRA) software. Such software is used in technical sectors as well as financial sectors. In technical sectors, a QRA is primarily aiming to model the effects of a failure of a functional entity, including a potential loss of life (PLL), whereas in the financial sector, QRA commonly relates to a determination of a single loss expectancy of a monetary value, such as an asset or investment. Interestingly, both technically and financially, QRA strongly involves determination of the reliability of a functional entity as laid down in connection with the MTBF above.

In conference paper "An Overview of Leading Software Tools for QRA", American Society of Safety Engineers -Middle East Chapter (161 ); 7th Professional Development Conference & Exhibition; March 18-22, 2005; Kingdom of Bahrain; Steve Lewis presents findings of a comprehensive survey of software tools currently available for undertaking QRA for onshore and offshore oil and gas facilities. The software tools included in the survey enable to include 80 calculation requirements, covering risk measures, risk presentation, physical effects modelling, impact, vulnerability, escalation modelling, frequency modelling, cost-benefit analysis, sensitivity and uncertainty analysis, hydrocarbon and non-hydrocarbon hazards. Excluded from the scope were tools specifically designed project risk analysis, maintainability analysis, structural response analysis, evacuation models, and human factors analysis.

In that paper, it is concluded that the complexities of modelling risks, here relating to offshore risks, leads to that most organisations, which may be regarded as functional entities in the sense of the present application, developed their own spreadsheet models to utilise the methods, assumptions and data that can be understood to an appropriate level of detail. In turn, organisations with multiple facilities demand a flexible but more robust approach than spreadsheets. Such an approach may be found in developing their own models. Moreover, spreadsheet models are compared to integrated QRA models, wherein most calculations are done "on-line" within software rather than "off-line".

It is further concluded that spreadsheet models have the disadvantages to be prone to errors by the analyst, being personal to an analyst and difficult to update by others without errors, involve macro programming which can be difficult to check, are time consuming to demonstrate validation and less sophisticated, while integrated models are found to be difficult of use and understand, lacking control and flexibility, as well as lacking transparency due to hidden assumptions and calculation methods.

Furthermore, although not specifically thematised in the paper, but apparently symptomatic for the above-mentioned disadvantages of QRA software tools according to the prior art is, that maintainability analysis, structural response analysis, evacuation models, and human factors analysis where not included in the survey in the first place. Hence, a major disadvantage of computer-implemented methods for evaluating performance of functional entities is that they exclude numerous possible factors in QRA for the sake of operability and reduced complexity of the model. However, such exclusions sacrifice comprehensiveness as well as adaptivity to temporal, operational and structural changes of the functional entities, and thus question validity of the known methods.

Description of the Invention

It is an object of the present invention to provide a method for assessing the performance of functional entities which avoids or at least decreases some of the disadvantages of the methods according to the prior art outlined above. In view of these disadvantages, the present invention particularly aims to provide a holistic and adaptive approach to risk assessment and management.

These objects are at least partially solved by a computer implemented method according to independent claim 1 , by a data processing system according to claim 13, by a computer program product according to claim 14, and by a computer-readable data carrier according to claim 15, respectively. In particular, these objects are at least partially solved according to the present invention by a computer-implemented method of generating a ranking dataset containing at least one performance value representing a performance of a functional entity for ranking performance of the functional entity in comparison with at least one further functional entity, the method comprising the steps of retrieving at least one reported performance indicator from a reporting source containing essentially uniformly reported data on the performance of the functional entity, identifying at least one auxiliary performance indicator from an auxiliary source of information providing essentially randomly occurring information regarding the functional entity, combining the at least one reported performance indicator with the at least one auxiliary performance indicator to generate a meta performance variable, deriving the at least one performance value from the meta performance variable.

A data processing system according to the present invention comprises means for carrying out a method according out a method according to the present invention.

A computer program according to the present invention comprises instructions which, when the program is executd by a computer, cause the computer to carry out a method according to the present invention.

A computer-readable data carrier according to the present invention has stored thereon a computer program according to the present invention. In other words, a data carrier according to the present invention comprises at least one computer-readable storage medium comprising instructions which when executed on a computer cause the computer to carry out a method according to the present invention.

The solutions according to the present invention do not only facilitate technical or finance decisions, but furthermore enable to make technically based comparisons of functional entities from the level of devices, machinery and apparatuses to the level of major plants and constructions, facilities as well as companies involved in environmental technologies, although the method is of course not be limited thereto. The method according to the present invention enables to combine reported performance indicators gained through more or less standardized sources, including QRA software, with auxiliary performance indicators from other sources, in order to derive therefrom the performance value for the actual ranking. This combination helps in eliminating or at least balancing the effect of selective and subjective information as well as possibly incomplete modelling in the reported performance indicators by either mitigating or confirming their relevancy by means of the auxiliary performance indicators.

Such a combination of indicators according to the present invention furthermore allows, to include aspects previously excluded or at least not satisfyingly regarded in QRA, in particular factors in measuring sustainability as well as ethical impacts of functional entities, referred to as environmental, social and governance (ESG). Environmental factors include climate change and the depletion of resources which according to the prior art were commonly excluded as representing external factors. Social concerns include major recruiting policies of staff operating functional entities, as well as human rights, consumer protection and animal welfare aspects. Cooperate governance concerns cover investigations regarding the rights and responsibilities of decision-makers operating functional entities, including officers, shareholders and stakeholders of a company

Thereby, the method according to the present invention provides neutral comparisons and outlooks on the performance of functional entities. Neutral comparisons and outlooks are important for assessing the reliability of the functional entities as they provide fundamental resources required for the function and future development of our society. Hence, the method according to the present invention enables decision-makers to assess appropriateness of the functional entities in their ability to provide utilities and effective resource management in a reliable manner, which in turn facilitates financial, such as investment decisions. This is especially important in the upcoming "green sector", since here, many new technologies and concepts from recent research and development are being taken from small-scale laboratory or prototype phases to bigger scales in order to be employed by on a level where they become of relevance for prosperity and sustainability of our society.

The solution as described above may be combined and improved as desired with the following further embodiments of a method according to the present invention, wherein these embodiments are each advantageous on their own. According to an embodiment of the present invention, the reporting source comprises at least one of a technical report, a checklist and a questionnaire containing the at least one reported performance indicator. The reporting source may hence on the one hand we used to retrieve common performance indicators, both on an inherent level, such as an MTBF or alike, and on an external level regarding operational and human factors involved in the functioning of a functional entity, including ESG risk factors.

According to an embodiment of the present invention, the auxiliary source of information comprises at least one of a log file, a data line, a communications channel, an alert channel and a news channel conveying the at least one auxiliary performance indicator. Log files, data lines, communication channels, alert channels and news channels can be scanned in order to extract any information implying negative or positive effects regarding the operation of a functional entity. Such information is used in order to complement information retrieved from reporting sources. Since such reporting sources, such as standardised reports and QRA schemes have a static character, neglecting dynamic effects of functional entities, the inclusion of at least one auxiliary performance indicator helps in regarding dynamic effects on the development of risks in operating functional entities and thus in the assessment of their reliability.

According to an embodiment of the present invention, a method according to the present invention further comprises the step of providing the meta performance variable as at least one of a scalar value, a vector, and a matrix containing at least one or a set of meta values, respectively. For example, risks involved in the operation of a functional entity, in particular ESG risks maybe quantified by meta values in up to four dimensions: matching RAMS and/or ESG issues, originality, circulation, and severity; past and future performance. For example, news regarding functional entities such as public companies are extracted on a preferably real-time basis by scanning and screening respective news sources. The sources include major financial news media, e.g. Financial Times, Sina Finance, or alike, web portals, e.g., China Daily, local and national government websites, NGO websites, question-and-answer websites, public online forums, etc. This helps in broadening the intake of information and thus achieving a holistic approach in risk assessment.

By using a dictionary of predefined keywords, e.g. according to predefined RAMS and/or ESG themes, extracted information with risk implications, such as negative news, are recorded together with information of regarding the related functional entity, such as a time-stamp, a publishing date and an abstract of the content of the information. The information is processed with the help of the dictionary consisting of predefined RAMS and ESG issues as well as respective weight tables in technical and economic sectors of interest. The identification can include international and domestic laws, regulations, policies, dynamic sustainability development indices or alike.

An assessment of circulation of information captures the extent to which the information spreads which may be measured within three quantitative levels of a respective circulation meta value. First, on the highest level, information is spread by National news media, well-known media in technology, finance, news of high views in news portal, and news widely spread in social media. Second, the medium level involves important local media as well as media in technology and finance. Third, the lowest level involves media that only covers a small geographic area.

An assessment of originality of information is calculated by means of a respective originality meta value based on whether (a) the event reported is covered by other sources of information, e.g. news during a predefined originality time period, such as the last two months; (b) the information or news reports an escalation of a previous event; (c) new issues are reported for the event; (d) the information relating to or news reports on an event did not occur during said originality time period, e.g. did not happen over the last two months. Based thereon, a certain originality value is associated to the information. For example:

If only (a) holds, the originality value is 0; If both (a) and (b) hold, the originality value is 1 ; If both (a) and (c) hold, the originality value is 1 ; If (a)(b)(c) hold, the originality value is 2; If (d) holds, the originality value is 3.

An assessment of severity involves determination of an impact of an event underlying the information by using a corresponding severity meta value. The different impacts are considered in a predefined weight table of RAMS and ESG issues for certain sectors. Severity of an event depends on a weight and severity of issues. The severity of issues depends on three factors: the extent of the negative consequence of the event, the randomness of the event, and how often such an event occurs the same or at least similar functional entities, such as companies of the same industry. Predefined seventy levels, e.g. three levels of severity are then assigned to issues in order to express their severity. If more than one issues are related to the event, the issue is considered as having the highest severity level. The severity of an event may therefore be expressed as the product of the weight of the issue and the severity of issue. Hence, in a method according to the present invention a risk quantification value w of information implying a negative or detrimental effect, such as negative news, can be calculated by the multiplication of circulation, originality and severity of the event underlying the information.

Since, as already mentioned above, the present invention aims to not only provide a static but furthermore, a dynamic assessment of risks, an exemplary embodiment of an algorithm for implementing dynamic risk assessment takes into account that a

1 ) current risk depends on current and previous information;

2) the risk decreases if no further or new information regarding the underlying event occurs; and/or

3) the impact of the information is lowered if a current risk is already high.

For example, a functional entity / on a certain point of time t has a risk defined as f,- (t). There is a number of m information, e.g. news regarding the functional entity on the point of time, e.g. a certain day, t. This denotes the additional quantification value of the news n (<=m) as w _t , _n . Based on the principles as outlined above under item 2), a) without any further information concerning a certain event during a number of k time periods, e.g. days, the decrease of a risk during the last k time periods since the point of time t can be calculated by equations (1 ) to (5) below, as hit + k) = hit) + fc/20, if 0 < f (t) <25, (1 ) fi(t + k) = hit) - 0.41fc, if 25 < fi(t) (2) b) with at least one news for the functional entity on the point of time t, fi(t + l) = g(∑ ₌₁ w _tin + g- ⁱ (f _i (t))), (3) wherein g (x) = 100x/(10 + x), (4) g ^→ (x) = 10%/(100 - x). (5)

Equations (1 ) and (2) capture the assumption that the risk will decay linearly without any further negative information appearing. Using the parameters as chosen in the above example, leads to that the specific risk will decrease to a value of 0 at a maximum of two further periods of time, e.g. years. Equations (4) and (5) limit the value of risk to a range of [0,100], These two formulas also guarantee the decreasing marginal effect of w on f. Based equations (1 ) to (5), a method according to the present invention allows for setting a RAMS and/or ESG risk into four levels of equal length, which represent a relative level of risk of a functional entity.

Furthermore, meta values according to the present invention are used for representing Network effects between functional entities, i.e. to which extend the functional entities are connected to each other and/or interdependent. For example, a network effect can occur due to ownership relations between companies owning functional entities. For example, a small network may comprise three functional entities, wherein two entities depend on the output by the other entity or are owned by the other entity.

Moreover, using meta values according to the present invention allows for calculating RAMS and/or ESG risks of sectors. The sectors may include a certain category of functional entities, e.g. as defined in the classification scheme according to the China Securities Index. For example, a risk of one sector s(t) is calculated as the average risk of the top 20 most exposed and biggest market capitalization companies of the sector according to equation (6) as follows: s(t) = avg (f _L {t)) , (6) wherein / is the average risk of the top 20 most exposed and biggest market capitalization companies of the sector.

According to an embodiment of the present invention, at least temporarily, the performance value comprises an index number allowing for a one-dimensional ranking of the functional entities. The one-dimensional ranking may be refined by meta values and weight factors as described above. Based on the one-dimensional ranking, risks of different functional entities, either of the same or a different kind maybe easily compared to each other. The comparison may help in an overall risk assessment of a single functional entity, a group of functional entities, or a sector including certain functional entities.

According to an embodiment of the present invention, providing the performance dataset further comprises the step of generating at least one of a current performance value A of the functional entity for a first time interval, a peak performance value B of the functional entity for a second time interval, a current group performance value C of a group of functional entities for the first time interval, and a peak group performance value D of the group of functional entities for the second time interval, wherein the first time interval is shorter than the second time interval.

Thereby, the present invention enables to update performance values, as e.g. risks for functional entities and sectors of functional entities, wherein for example

A is a current index number of a single entity (monthly update);

B is a peak of Index number of a single entity (last 2 years);

C is a current Index number of a sector or group of entities (monthly update);

D is a peak of Index number of a sector or group of entities (last 2 years).

According to an embodiment of the present invention, providing the ranking dataset further comprises the step of excluding functional entities from the ranking, which are listed since less than a third time interval, wherein the third time interval is longer than at least one of the first time interval and the second time interval. For instance, third time interval is longer than the second time interval, e.g. 3 years.

According to an embodiment of the present invention, providing the ranking dataset further comprises the steps of sorting at least two groups of functional entities based on their respective group peak performance value D, ranking, if the at least two groups of functional entities have the same group peak performance value, the at least two groups of entities based on their respective current group performance value C.

In other words, in such a selecting step, based on D, from lowest to highest the sectors are ranked from top to down. If two sectors are ranked with the same value, the sector with the lower C, is ranked higher than the other sector, i.e. on top of the other sector. This helps in avoiding indecisive risk assessments and rankings.

According to an embodiment of the present invention, providing the ranking dataset further comprises the step of ranking at least two functional entities within a group of functional entities based on their respective peak performance value B. In other words, in such a ranking step, in each sector, based on 6, from lowest to highest, functional entities are ranked from top to down.

According to an embodiment of the present invention, providing the ranking dataset further comprises the step of ranking at least two functional entities having the same peak performance value β according to their respective current performance value A In other words, in such a ranking step, a new order of a parent index if formed. If two functional entities are ranked on the same level, the one with a lower A is selected to be on the top of said two functional entities.

According to an embodiment of the present invention, providing the ranking dataset further comprises the step of excluding functional entities from the ranking at a low end and/or at a high end of a ranking list, so that the number of functional entities in the ranking list does not exceed a predefined ranking list limiting value. Thereby, for example, due to a deletion of functional entities with highest β,, a certain number of functional entities, e.g. 40, functional entities remain in the dataset. If then more than one constituents have the same S, and A for the 40th rank and around, analysts can make decisive assessments and select a functional entity with a preferred overall performance, e.g. better Sustainability, RAMS and/or ESG management and performance. According to an embodiment of the present invention, providing the ranking dataset further comprises the step of selecting functional entities with the highest and/or lowest ranks, so as to form a ranking index including a predefined number of indexed functional entities. In other words, a certain number, e.g. the top 40 functional entities can be selected as representing a certain standard RAMS and/or ESG index from all functional entities included in the parent index handled in line with a method according to the present invention.

Consequently, the present invention enables to reassess at least one of a previously determined reliability, availability, maintainability and safety related value or index; and/or at least one parameter in quantitative risk assessment. The reassessment helps in decision making on a change of operation, status, recommendations, maintenance measures and/or on how to modify of the functional entities indexed or excluded from the index.

Brief Description of the Figures

In the following, exemplary embodiments of the present invention will be described in conjunction with the accompanying drawings, in which

Fig. 1 shows a schematic diagram illustrating components of a system according to an embodiment of the present invention;

Fig. 2 shows a schematic diagram illustrating a risk assessment and ranking scheme according to an embodiment of the present invention;

Fig. 3 shows a schematic diagram illustrating steps of a method for risk quantification according to an embodiment of the present invention;

Fig.4 shows a schematic diagram illustrating an exemplary succession of steps of a method according to an embodiment of the present invention;

Fig. 5 shows a schematic diagram illustrating an exemplary ranking algorithm according to an embodiment of the present invention; Fig. 6 shows a schematic diagram of a ranking dataset generated with a method according to an embodiment of the present invention;

Fig. 7 shows a schematic diagram illustrating application steps performed in a method according to an embodiment of the present invention;

Fig. 8 shows a schematic diagram of a pattern for collecting information in a method according to an embodiment of the present invention.

Fig. 9 shows a schematic diagram of a succession of steps for consolidating analyses performed according to an embodiment of the present invention;

Fig. 10 shows a schematic diagram of steps for generating an evaluation report in a method according to an embodiment of the present invention; and

Fig. 1 1 shows and exemplary embodiment of a device for implementing a system and method according to the present invention.

Exemplary Embodiments

Fig. 1 shows a schematic diagram illustrating components of a system 1 according to an embodiment of the present invention. In order to be able to provide comprehensive analyses on risks involved in construction, operation and maintenance of functional entities, the system 1 comprises a computational framework 2. The framework 2 comprises means for external risk assessment and ranking 3 as well as means for internal performance evaluation 4, relating to a certain group or sector 5 of functional entities 6 (see Fig. 3). For example, the means for external risk assessment and ranking 3 reliable information regarding external RAMS and/or ESG risks, while the means for internal performance evaluation 4 reliable information on internal RAMS and/or ESG risks of functional entities. After the analyses, the system provides assistance in deciding on certain measures in relation to the functional entities 6, e.g. advices and/or control instructions for enhancing RAMS related parameters as well as ESG investment solutions, such as ESG index funds / ETFs (passive) or ESG thematic funds (active). Fig. 2 shows a schematic diagram illustrating a risk assessment and ranking scheme 10 according to an embodiment of the present invention. The risk assessment and ranking scheme 10 is implemented as a model-view-controller (MVC) software architectural pattern and comprises a web module 1 1 , an application module 12, application components 13, a controller module 14, a widget 15, a computational model 16, and a view or graphic user interface (GUI) module 17 which are connected to each other by interface means 18, such as wireless and/or wired connections, bus systems, advanced program interfaces (APIs) or alike. Through the web module 11 and the application components 13, the application module 12 gathers or is provided with information on the functional entities 6, respectively. The controller module 14 controls the distribution of the information to the widget 15, the computational model 16, and the GUI 17.

Main components of the risk assessment and ranking scheme 10 in the form of the MVC framework are the model, i.e. computational model 16, the controller, i.e. controller module 14 and the view, i.e. GUI 17. The computational model 16 is the central component of the pattern. It expresses the behaviour of the risk assessment and ranking scheme 10 implemented in the application module 12 on a problem domain, independent of any user interface, i.e. controller module 14 and GUI 17. The computational model 16 directly manages the data, logic and rules of the application module 12. The GUI 17 provides an output of the application module 12, such as an html web page, a chart and/or a diagram or alike. The controller module 14 accepts input by a user and converts the input into commands for the controller module 14 and/or GUI 17.

Moreover, the web module 1 1 , e.g. in the form of an "index. php" can provide an entrance to the application module 12. Upon start-up of the framework 2, the web module 1 1 loads configure files, initializes the application container and runs the application module 12. Once there are applications, the web module 1 1 can handle incoming requests through a kernel, and send associated responses back to a client or client device allowing them to use the applications (see Fig. 1 1 ). For gaining reported performance indicators, e.g. through questionnaires, the web module 1 1 may contain text boxes, selection boxes, rating score boxes, and upload boxes for uploading documents to be processed by the application module 12. For ranking automation, the web module 1 1 contains at least one identifier or list of identifiers of functional entities and/or upload and/or download arrangements such identifiers and/or lists of identifiers, respectively. The web module may further contain a selection box for selecting a timespan, e.g. through month and year to be selected in order to be operated by the application module 12. For gathering auxiliary performance indicators, web module 1 1 contains text boxes upload boxes for uploading documents to be processed by the application module 12.

The widget 15 is a small application with limited functionality that can be installed and executed within a web page by a user or user device (see fig. 1 1 ). Different kinds of widgets are provided in line with the present invention. At least one of widget 15 for example may be a calendar widget to insert time spans (month/year). A further one of the widgets 5 may be developed to show results for users, e.g. in the form of at least one component of an evaluation report (see fig. 10). The application component 13 has independent functions which can be used for many parts of the application. For example, an Object-Relational Mapping (ORM) component may be used to connect and manipulate databases (see Fig. 1 1 ). The ORM component uses request components to handle forms, a middleware component to filter web requests, event components to handle electronic mail, and alike.

A method according to the present invention is implemented in the risk assessment and ranking scheme 10 in order to provide risk driven ranking of functional entities as described herein. Risk quantification is based on combining information on functional entities in line with a method according to the present invention. Information, in particular negative news from various sources, delivering quantitative risks, based on which factors for ranking functional entities, is being analysed and/or used as or deriving therefrom at least one auxiliary performance indicator. Furthermore, reporting sources of information, such as questionnaires covering performance indicators are used for deriving therefrom at least one reported performance indicator. An example for such a questionnaire is given further down below. Such reporting sources are represented by the means for internal performance evaluation 4.

Fig. 3 shows a schematic diagram illustrating steps S1 to S5 of a method for risk quantification according to an embodiment of the present invention:

In a first step S1 , the web module 1 1 scans auxiliary sources of information 21 to 24, the number of which should not be understood as being limited to the four sources shown herein. For example, a first auxiliary information source 21 is a web portal; a second auxiliary information source 22 is a news media channel, such as a mainstream media channel, including but not limited to television news channels, prime time news broadcasts on standard official broadcast networks, radio channels, newspapers, blogs, or alike; a third auxiliary information source 23 is a government website; a fourth auxiliary information source 24 is an NGO website, etc. In other words, in a method according to the present invention, the auxiliary information sources 21 to 24 are screened preferably essentially in real time.

In a second step S2, Information gathered by the web module 1 1 is filtered such that from the information, an event dataset 30 is extracted, comprising a certain number of events, e.g. 45. From the certain number of events, risk issues associated with the events are identified, forming an issue dataset 31 comprising e.g. 29 risk issues. The filtering may involve but is not limited to any kind of screening operation including natural language processing which may include artificial intelligence (Al) algorithms in order to extract negative events, in particular RAMS/ESG issues, from the information gathered.

In a third step S3, the issues are quantified. A typing module 32 is used for identifying a type of risk, in the present example either environmental e, social, s our governance g, wherein of course further types of risks from for instance the RAMS spectrum may be included as desired for achieving a required raking in line with a method according to the present invention. A certain weight w of each of the issues is then determined by considering the respective originality o, circulation c, and severity s by means of the typing module 32. The third step S3 may also include Al algorithms in order to quantify RAMS and/or ESG risks in e.g. four dimensions, namely firstly matching the negative events, in particular RAMS/ESG issues, secondly assessing their originality o, thirdly assessing their circulation c, and fourthly assessing their severity s.

In a fourth step S4, risks related to the functional entities 6 are calculated while taking into account certain network factors N between the functional entities 6 in order to generate a ranking dataset 40.

In a fifth step S5, a risk index 41 is derived from the ranking dataset 40.

Fig.4 shows a schematic diagram illustrating an exemplary succession of steps of a method according to an embodiment of the present invention. In a starting step S10, the process of risk assessment and ranking is initiated. In a time specification step 1 1 , a certain time span for the assessment, e.g. month and year, is selected. In an importing step S12, a list of functional entities to be assessed is imported. For generating the risk index 41 , the ranking step S5 is applied to the ranking dataset 40. The ranking dataset 40 is updated accordingly. In a terminating step S13, the processing of information is ended and a result is presented in a desired form.

Fig. 5 shows a schematic diagram illustrating an exemplary ranking algorithm underlying the ranking step S5 according to an embodiment of the present invention. The ranking step S5 comprises six sub-steps S 51 to S56 to reduce the parent index included in the ranking dataset 40, e.g. a number of 120 functional entities 6 to a risk index including e.g. 40 functional entities 6, by using meta variables, such as A indicating a current index number of a single entity (e.g. monthly update); β indicating a peak of Index number of a single entity (e.g. last 2 years); C indicating a current Index number of a sector or group of entities (e.g. monthly update); and D indicating a peak of Index number of a sector or group of entities (last 2 years):

In a first sub-step S51 , functional entities 6 are excluded which are listed during less as an exclusion time span, of e.g. 3 years.

In a second sub-step S52, based on D, from lowest to highest, the sectors a range from top-down. If the same ranking appears, a sector with a lower C, is selected to be on top.

In a third sub-step S53, in each sector, based on S,, from lowest to highest, functional entities are ranked top-down.

In a fourth sub-step S54, a new order of the parent index is formed. If same rankings appear, functional entity with a lower A as ranked on the top.

In a fifth sub-step S55, functional entities with the highest B, are deleted until a desired number, e.g. forty functional entities 6 remain. With more than one constituents have the same B, and A, for the 40 ^th rank and around, analysis will make an individual assessment and select the one with the better sustainability, management and/or performance values to be on top.

In a sixth sub-step S56, a top number of functional entities 6, e.g. forty functional entities 6 are selected to be representing the risk index 41 derived from the ranking dataset 40.

Fig. 6 shows a schematic diagram of the ranking dataset 40 generated with a method according to an embodiment of the present invention and including the risk index 41 as derived therefrom. The risk index 41 is generated for a certain timespan 42. For that time span, the functional entities 6 listed are ranked in accordance to their respective performance values calculated in line with a method according to the present invention by a specific ranking order 43. The functional entities 6 are associated to the groups and sectors 5 as explained above. The risk index 41 can be updated regularly according to the selected timespan 42.

Fig. 7 shows a schematic diagram illustrating application steps S71 to S74 performed in a method according to an embodiment of the present invention:

In a first application step S71 , a user of a system 1 according to the present invention, e.g. an analyst (not shown) uploads information by the means for external risk assessment and ranking 3 and the means for internal performance evaluation 4.

In a second application step S72, based on predefined dimensions regarding operation, management, performance, or alike risk issues are analysed.

In a third application step S73, based on predefined dimensions regarding operation, management, performance, or alike, senior analysts conduct quality checks, consolidate analyses and gain feedbacks, in particular through the means for internal performance evaluation 4.

In a fourth application step S73, dimensions of quantitative assessment and automation of risk engagement and analysis reporting are visualized, e.g. by means of the GUI 17.

Fig. 8 shows a schematic diagram of a pattern for collecting information in a method according to an embodiment of the present invention by the web module 1 1 and/or the application components 13. For one of the selected functional entities 5, for example, certain reporting sources 51 to 53 are available, such as technical reports 51 A to 51 C originating from companies operating the functional entities 5, corresponding websites 52A to 52C, and third party assessment reports 53A to 53C. These reporting sources, besides technical information, may comprise information regarding leadership and cooperate sustainability strategies, investment committees, governance, risk and compliance management, supply chain management, consumer management, stakeholder management and communication, environment policy and reporting, labour practice and talent development, community development or alike as indicators for assessment of qualitative and quantitative governance and management system performance. Furthermore, ESG performance indicators and quantitative assessment include factors like operating licences, consumer attractiveness, brand and reputation, productivity, human intellectual cavity, innovation, risk profiles.

Fig. 9 shows a schematic diagram of a succession of steps for consolidating analyses performed according to an embodiment of the present invention in a quality checking algorithm step 90, comprising a first, second and a third quality setting step S91 to S93, preferably carried out by senior analysts when consolidating risk analysis and gain feedbacks by engaging with functional entities 5 or their operators, they e.g. companies, through reporting sources 51 to 53:

In a first quality checking step S91 , disclosures relating to the functional entity are analysed according to predefined dimensions, including RAMS, ESG and other dimensions, such as financial dimensions.

In a second quality checking step S92, quality of the information provided through the reporting sources 51 to 53 is checked and consolidated by a corresponding assessment.

In a third quality checking step S93, the functional entity and/or respective operators of the functional entity are engaged in order to provide certain feedbacks through reporting sources 51 to 53, if necessary.

An exemplary embodiment of a reporting source 51 to 53 in the form of a basic structure of a schematic standardised questionnaire directed to matters of ESG in two dimensions is listed in the following:

Dimension D1 : Leadership and Corporate Sustainability Strategy & Investment Committees

1.1 . Board and Corporate Strategy (Governance)

1 .2. Strategy implementation and management system: risk & compliance

1.3. Strategy implementation and management system: Customer Relation and Brand Management

1 .4. Strategy implementation and management system: supply chain management and privacy protection Dimension D2: stakeholder management and communication (environmental policy and reports, labor practices and development, community management

2.1 . Stakeholder management and communication: environmental dimension

2.2. Stakeholder management and communications: labor practices and human resources development

2.3. Stakeholder management and communication: corporate citizenship and community development

Fig. 10 shows a schematic diagram of steps for generating an evaluation report 100 in a method according to an embodiment of the present invention. The evaluation report 100 can be displayed by means of dashboards 101 , charts 102, texts 103, reports 104, search and editing tools 105, which may be provided as desired to display and access results of a method according to the present invention from an analysts' server side 1 10 and a clients' side 120, respectively.

Fig. 1 1 shows and exemplary embodiment of an arrangement 200 for implementing a system 1 and method according to the present invention. The arrangement 200 comprises at least one web application firewall unit 201 (WAF), at least one network address translation unit 202 (NAT), at least one elastic load balancing unit 202 (ELB), at least one web server unit 204, and at least one database server unit 205 which are connected to each other via internal data transfer means 206 for transferring data. The at least one WAF unit 201 , at least one NAT unit 202, at least one ELB unit 203, at least one web server unit 204, at least one database server unit 205, and respective internal data transfer means 206 together form a virtual private cloud 207 (VPC). The arrangement 200 may further comprise at least one adaptor unit 208 providing at least one unified adaptor means for accessing the VPC 207.

A user or user device 300 is connected to the at least one adaptor unit 208 through at least one external data transfer means 301. The user or user device 300 may be an operator of at least one functional entity or can be embodied by at least one functional entity itself. Hence, the adapter unit 208 can be embodied by any kind of physical or virtual adapter allowing for an exchange of data between the arrangement 200 and the user or user device 300 via internal data transfer means 206 and external data transfer means 301 , respectively. The internal data transfer means 206 and external data transfer means 301 may comprise any wired and/or wireless communication lines, such as ether- net, Internet, Wi-Fi, etc. capable of transferring data i.e. digital information.

The adapter unit 208 may be any kind of physical and/or virtual arrangement configured to adapt data such that it can be transferred between the arrangement 200 and the user or user device 300. Therefore, the adapter unit 208 may for example comprise at least a part of the web module 1 1 , graphic user interface 17 and/or interface means 18. The web module 1 1 , application modules 12, application components 13, control modules 14, widgets 15, computational models 16 graphic user interface 17 and/or interface means 18 are partially be hosted by the at least one web server unit 204. The at least one database server unit 205 provides storage space for the event dataset 30, issue dataset 31 , and/or ranking dataset 40. For example, respective data is stored in at least one MongoDB and/or mySQL database which are or is deployed on the at least one database server unit 204, respectively.

In operation, the WAF unit 201 provides a web application firewall in that it filters, monitors, and/or blocks data transfer, e.g. in the form of hypertext transfer protocol (HTTP) traffic, sent to and from the adapter unit 208, i.e. in the form of a web application. The NAT unit 202 provides network address translation, e.g. in that it remaps an IP address space into another IP address space by modifying network address information in Internet Protocol datagram packet headers while they are in transit across a traffic routing device. The at least one ELB unit 203 provides elastic load balancing in that it distributes incoming application traffic across multiple units 201 , 202, 203 which may be arranged in multiple availability zones in order to increase processing speeds and enhance stability of the arrangement 200. Reference Signs

1 System 43 ranking order

2 framework 51 first reporting source

3 means for external risk assess- 52 second reporting source 5 ment and ranking 53 third reporting source

4 means for internal performance

evaluation 100 evaluation report

5 sector of functional entities 101 dashboard

6 functional entity 102 chart

10 103 text

10 risk assessment and ranking 104 report

scheme 104 search and editing tool

1 1 web module 10 analysts' server side

12 application module 120 clients' side

15 13 application components

14 controller module 200 arrangement

15 widget 201 WAF unit

16 computational model 202 NAT unit

17 graphic user interface (GUI) 203 ELB unit

20 18 interface means 204 web server unit

205 database server unit

21 first auxiliary information source 206 internal data transfer means

22 second auxiliary information 207 virtual private cloud

source 208 adapter unit

25 23 third auxiliary information source 300 user/user device

24 fourth auxiliary information source 301 external data transfer means

30 event dataset

31 issue dataset 51 scanning step

32 typing module 52 filtering step

30 53 quantifying step

40 ranking dataset 54 risk calculation step

41 risk index 55 ranking step

42 timespan 510 starting step 15 S74 fourth application step

51 1 time specification step S90 quality checking algorithm

512 importing step S91 first quality checking step

513 terminating step S92 second quality checking step

S93 third quality checking step

551 first sub-step 20

552 second sub-step E environmental

553 third sub-step S social

554 fourth sub-step G governance

S55 fifth sub-step N network factor

S56 sixth sub-step 25 w weight of issue

571 first application step o originality

572 second application step c circulation

573 third application step s severity