Direct Level and Company Level Impact Filters explained
Alert Spreading in general
What can be understood as alert spreading is the programmed behaviour of how alerts affect other targets depending on the origin of the alert.
All targets in Prewave are connected to a specific set of other targets like Sites being connected to their respective Site groups and vice versa, to other Sites via the shared Site Group, locations (cities and countries), industries and other entities (explained in upcoming articles). The point is, all of these targets are connected with each other for a reason: They are in a virtual or real relationship with each other and thus their relationship can relate to, predict and cause risks that Prewave captures. However, when considering different risk types, or as Prewavers refer to it most often "event types", not every target relates to, predicts or causes risks for other targets in the same way. An example for this can be provided by comparing a "corporate wrongdoing" event with a "earthquake" event.
Let's say a globally represented multi-billion car manufacturer with production sites spread worldwide and a very central management structure is the subject of legal proceedings, because of corporate wrongdoing. The corporate wrongdoing event generally describes events that comprise multiple locations, hence the bigger part of the entire organisation. Typical examples for this are allegations of systematic strategies comprising officials bribery in different countries, knowingly ignoring legal requirements for working breaks, ignoring certain legislations impeding business etc.
Alerts around such kind of events should usually spread to all targets in a Site Group as the comprised events describe systematically underlying issues in the Site Group and thus potential risks to all Sites.
This is an example of such a real alert:
The described company has been facing repeatedly allegations of deliberate negligence of health and safety matters over the past in multiple locations of the production network. The events in this alert do not only describe risks to the location in Palo Alto, where the alert originates from, but also risks to all other productions sites due to the corporate management being involved. This is why such alerts in Prewave's featured Perspectives spread to the Site Group in general and the other Sites within the Site Group.
Now let's compare this alert to the aforementioned alert that describes an earthquake event. Earthquakes by nature are very regional events affecting single or multiple locations. Having an earthquake alert on a Site in Japan spread to other Sites within the Site Group would make no sense, as another Site in Europe would be completely unaffected of the event. However, this particular alert spreading to the target feed of the Site Group can be considered as general exposition indicator to natural catastrophes. It would be sensible to say that the criticality of the same alert on the Site Group, though should be different as the Site Group risk of earthquakes represents the global risk of such events. How this is done will be explained in the subsections about the different Impact Level Filters, which are defined in the respective perspectives used to show alerts and risks.
Impact Level Filters
In above section we explained the general logic of why alerts should spread. In this section we will explain with the help of impact filters, how such general logics can be implemented. To begin with, impact level filters are assigned to each perspective. This means that each perspective can behave differently in the way alerts spread. Therefore, the aforementioned general examples mustn't hold for the perspectives you are using. Impact level filters are defined per event type in each perspective and define the criticality of an alert for each impact level.
Direct and Company-Level Filter
So let's get more concrete, Direct-level and Company-level are one of the impact filters available in Prewave and are present in most perspectives. This is for the simple reason that they define how alerts behave that are associated directly to a Site (Direct-level) and alerts only associated to general structures like Site Groups behave (Company-level). This is of course relevant for most use cases in risk management as reports directly mentioning Sites and brands have a high level of risk relevant information.
How do alerts spread on Direct-level?
In above image you can see in from the yellow arrows how direct alerts behave. Once an alert is connected to a Site, the alert naturally spreads to the Site affected, but also to the Site Group, as it is generally considered part of it. However, if you take a look at an excerpt of the target feed of Tesla while applying the LkSG perspective settings, you will recognise that the alert criticality is different between Site and Site Group. The first image depicts the alert (Critical) on the target feed of the Site and the second image shows the target feed of the Site Group (High).
Site Target Feed (Critical criticality)
Site Group Target Feed (High Criticality)
This is because Prewave implemented a logic that permits to distinguish between different levels of "affectedness" or how Prewavers say "impact levels". In many of the Prewave featured perspectives the criticality of certain event types is different based on the proximity of an alert. Generally speaking this means that alerts directly connectable to a specific Site are considered the most critical and alerts connected a Site Group in general less critical, due to their vague allocability to specific risks (see image below).
However, this mustn't always be the case. For certain events the criticality doesn't wane just because the proximity of the alert might not be the same. Very good examples for this are child labor related alerts in the LkSG perspective. The risk of reputation loss, public retaliation and many other negative consequences have been decided to be too critical in the context of LkSG compliance, to be deprioritised on the company level. Hence, for those event types there has been no distinction made.
How do alerts spread on Company-level?
Following the blue arrows Company-level alerts spread from the Site Group to all of the Sites within a Site Group. As mentioned earlier, alerts describing events generally happening within a Site Group can be risk indicators for any Site and are thus displayed in each Site target feed and have an impact on the Site risk score. Since a Company-level alert always only describe event generally happening at the Site Group, such alerts will be handled in each target feed and risk score with the defined alert criticality of the Company-level impact filter.
How do I recognise a Direct and Company-level alert?
A Direct-level alert can always be recognised through the title of an alert. An alert describing an event at a Site will always state explicitly that it is happening at a Site and the name of the Site affected.
A Company-level alert will have a more general title stating the event occurring, the name of the Site Group and if known, which country or region are affected.
