Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

This article contains:

Table of Contents

1. Overview

The risk action grid is located within any risk assessment tab for which it is configured for. The edit and delete actions will be displayed at the right corner, next to an added action.

2. Adding a New Action to a Risk

A new action can be added against a risk by entering the details in the grid in the assessment tab, and clicking the Add New button.

To add a new action to a risk:

  • STEP 1: Enter the details as per the table below.








Risk Action

Risk Action title


Responsible Officer

Assign a Responsible Person who will be monitoring and reporting on the status of the risk action. This will enable a link to this Risk Action to display on the designated person’s homepage.

The dropdown will list staff names for selection.


Business Unit

Assign a Business Unit for this risk action. This is the Business Unit where the action will reside.


Note: This will be replaced by a pop up giving link access to the full organisation hierarchy in the new 'Flexible Hierarchy' structure.


Start Date

Select a Start Date to which this action is due to start.

Click on the Calendar icon to select a date.


End Date

Select an End Date to which this action is due to complete.

Click on the Calendar icon to select a date.


Review Frequency

Select a frequency in the dropdown which the action needs to be reviewed and updated.


Next Review Date

This field is updated based on the 'Current Review Date' + 'Review Frequency' selected.


Note: Currently, the Next Review Date updates automatically only when the reporting frequency is changed from the Risk Action Details page, and does not work when the reporting frequency is changed from the Risk Solution grid.


Action Status

Select the current action status. Generally all actions will start off in a ‘Not Started’ state.


Completion Date

The completion date will be automatically filled on the date the action status was changed to 'Completed'. This is editable if required. 


% Completed

If the action status is ‘Not Started’, then leave the % complete as 0.

If the Status is ‘in Progress’ then ensure you enter in a % complete value between 1 – 99.



The performance of a risk action will be denoted by one of the four colour coded performance categories: ‘On Track’, ‘Off Track’, ‘Monitor’ and ‘Not Applicable’.


Image RemovedImage RemovedImage RemovedImage Removed

Control Title

If an action is linked to one of your controls, you may link the control through this area.


Note: Additionally, Risk Actions can be created and linked through the controls section.


  • STEP 2:  Ensure you click on the Add button to add your risk action to the table before you save.

3. Linking an Existing Action to a Risk

Clicking on the Select Existing Solutions/Actions button, will let you select an existing action and link to the risk.

Clicking the button will open a pop-up, listing all existing actions for the organisation. Once an existing action is linked to the risk, data updates universally, following a shared approach across other actions as well.

The search area is provided in the existing action screen for the user to filter actions.

3.1 User Permissions for Adding/Linking Action to a Risk

The editing, deleting, adding is all based on the linked risk user permission.

E.g. If the logged in user does not have permission to edit the risk, the action grid edit/delete and add icons will be disabled.

Actions are checked or newly identified during the risk assessment process. Essentially, when a risk is assessed, you check if there are any existing actions in place to further help the controls which are put in place. The risk actions are taken as global templates. Hence, the title can be edited if you have permission to add/edit a risk. Once an action is linked to a risk, the progress and other details are edited by the risk/action owner within the risk.


Note: If the configuration in the database to manage risk actions are unique for each linked risk, then the above updates will be managed separately for each risk with which they are linked to. If the configuration in the database is to manage risk actions commonly, then the above updates will be managed in collaboration, and when updated via a linked risk, the updates will reflect across all other risks with which the same action is linked to.

This configuration to manage risk actions commonly can be enabled by an administrator, by enabling the setting accessed via Menu > Administration > Configuration > Settings < Manage Risk Action Commonly.

Responsible people for the actions are assigned by the Risk Responsible Officer (or one with a higher permission). Hence, an action owner cannot change their own assignments.

View other articles under this section:

Child pages (Children Display)
pageRisk Actions

<< Back to main section
Risk Actions

UG Footer 2024-20240103-072111.png