Risk Assessment – Current/Residual Risk Assessment
This article contains: |
1. Current/Residual Risk Assessment |
Current Assessments for all four types of risks are conducted in the same way. The Current Strategic Risk Assessment process is shown below, whereby selections of Current Likelihood, Consequence and Effectiveness of Controls generates a Current Risk Rating. However before completing the Assessment, the Risk Controls are defined so that you can confirm the Effectiveness of them in their current form.
Please refer to the ‘Risk Controls’ section for more information on creating and managing your Risk Controls.
STEP 1: Specify the following details when completing a Current Risk Assessment.
Note: To enable Copy & Move button, navigate to Risk Settings > Risk Aggregation and activate the Risk Aggregation option. Once enabled, the aggregation feature can be accessed via the Risk Details > Copy/Move button.
Note: The visibility of some fields can be controlled by the Risk Manager from Risk Framework > Risk Settings > Field Configuration area.
Field | Description/Instructions | Mandatory/Optional | Strategic | Operational | Project | Corporate |
Risk Details | ||||||
Effectiveness of Controls | Select the Effectiveness of Controls Rating from the dropdown list provided. Note: Effectiveness of Controls Ratings is defined by the Risk Manager within Risk Settings. | Mandatory |
|
|
|
|
Consequence | Select a consequence rating by clicking the Select button. This will allow a pop up window to show for you to select the consequences based on the category description. This is called the consequence table to help you identify ‘consequence of the risk’. Users can simply click the relevant cell to select a consequence. This grid is defined and maintained by the Risk Manager from within Risk Settings. |
|
|
|
| |
Likelihood | Select a Likelihood by clicking on the Select button. This will allow a pop up window to show allowing you to select a likelihood based on a description to help you identify it. Users can simply click the relevant cell to select a Likelihood. This grid is defined and maintained by the Risk Manager from within Risk Settings. | Mandatory |
|
|
|
|
Risk Treatment and Solutions | ||||||
Risk Treatment Plan Options | Select whether you want to Accept, tolerate the risk. You can also select if the risk exceeds Tolerance limit. | Optional |
|
|
|
|
Risk Actions | Add risk actions by simply typing the Risk Action title, linking it to a responsible officer, Business Unit, Start and end Date, Review frequency, giving it a Action Status and % complete. To save and add this to the table, click on the adjacent add icon. See below for further details. | Optional |
|
|
|
|
1.1 Risk Actions
Risk actions are entered against a risk if you are required to put other actions in place in order to mitigate the risk further (in addition to the current controls that you may have in place). If the effectiveness of the current controls is weak, then risk actions should be identified in order to action on reducing the risk or may feed into creating a new control. Adding risk actions are however optional when completing a current risk assessment.
Ensure you fill out the mandatory fields which are highlighted with a red asterisks.
STEP 1: Click on the Add New button to add your risk action to the table before you save.
See article Risk Actions for more details on this section.
STEP 2: Click on the Save button once you have completed all required fields on the page.
After saving, an image will appear which shows the Calculated ‘Current’ Risk Rating.