Compliance-> Risk Register

The Risk Register is under development. Expect more functionality soon.

What is the Risk Register?

The risk register is a list of entries known as risk score entries where each entry refers to a specific instance of a known risk that impacts one specific org unit. Risks fall into predefined categories. Before creating an entry in the risk register, a superuser would need to create risk categories and risk objects. (See also: ).

When a risk is identified, someone with a Risk Assessor role in the org unit, or a superuser, can create an entry in the table to record details about the risk. These include assigning values for the perceived severity and likelihood of the risk. The resulting risk score is generated by multiplying the impact by the likelihood. Target values and a target date are also assigned, allowing you to set a goal for mitigating the risk level by a certain date.

The Risk Register

Risk Score Entry Fields

Field Name

Options

Notes

Field Name

Options

Notes

Status

Open/In Progress/Closed

Can be changed by a Risk Assessor

Org Unit

 

The impacted org unit

Risk

From a list of existing risks

The name of risk as entered by a superuser on the Settings page

Inherent Impact

Depends on the Risk Scale value (default 1-5)

How severe the risk is, based on external factors beyond your control

Inherent Likelihood

Depends on the Risk Scale value (default 1-5)

How likely the risk is to occur, based on external factors beyond your control

Current Impact

Depends on the Risk Scale value (default 1-5)

How severe the risk is, based on your current mitigation strategy

Current Likelihood

Depends on the Risk Scale value (default 1-5)

How likely the risk is to impact you, based on your current mitigation strategy

Target Impact

Depends on the Risk Scale value (default 1-5)

How severe you would like the impact to be were it to occur

Target Likelihood

Depends on the Risk Scale value (default 1-5)

How likely you would like the risk to impact you

Due

Future date

When do you expect to achieve your target impact and likelihood values?

Notes

Free text entry

Any additional information needed

Current Mitigation Control

Free text entry

Describe the current mitigation strategy employed.

Target Mitigation Control

Free text entry

Describe the intended mitigation strategy needed to achieve the target risk score.

Superusers can view and edit all Risk Register entries. Risk Assessors can create, edit and view entries for their org unit(s). Risk auditors can view entries for their org unit(s).

It is possible to add custom fields to the bottom of the Risk Register entry dialog. To learn how superusers can do this, see .