Risk Actions – Risk Action Grid in Risk Assessments
1. Overview |
The risk action grid is located within any risk assessment tab for which it is configured for. The edit and delete actions will be displayed at the right corner, next to an added action.
2. Adding a New Action to a Risk |
A new action can be added against a risk by entering the details in the grid in the assessment tab, and clicking the Add New button.
To add a new action to a risk:
STEP 1: Enter the details as per the table below.
Field | Description/Instructions | Mandatory/Optional | Strategic | Operational | Project | Corporate |
Risk Action | Risk Action title | Mandatory | ||||
Responsible Officer | Assign a Responsible Person who will be monitoring and reporting on the status of the risk action. This will enable a link to this Risk Action to display on the designated person’s homepage. The dropdown will list staff names for selection. | Mandatory |
|
|
|
|
Business Unit | Assign a Business Unit for this risk action. This is the Business Unit where the action will reside. Note: This will be replaced by a pop up giving link access to the full organisation hierarchy in the new 'Flexible Hierarchy' structure. | Mandatory |
|
|
|
|
Start Date | Select a Start Date to which this action is due to start. Click on the Calendar icon to select a date. | Mandatory |
|
|
|
|
End Date | Select an End Date to which this action is due to complete. Click on the Calendar icon to select a date. | Mandatory |
|
|
|
|
Review Frequency | Select a frequency in the dropdown which the action needs to be reviewed and updated. | Mandatory | ||||
Next Review Date | This field is updated based on the 'Current Review Date' + 'Review Frequency' selected. Note: Currently, the Next Review Date updates automatically only when the reporting frequency is changed from the Risk Action Details page, and does not work when the reporting frequency is changed from the Risk Solution grid. | Optional |
|
|
|
|
Action Status | Select the current action status. Generally all actions will start off in a ‘Not Started’ state. | Mandatory | ||||
Completion Date | The completion date will be automatically filled on the date the action status was changed to 'Completed'. This is editable if required. | Optional | ||||
% Completed | If the action status is ‘Not Started’, then leave the % complete as 0. If the Status is ‘in Progress’ then ensure you enter in a % complete value between 1 – 99. | Mandatory |
|
|
|
|
Control Title | If an action is linked to one of your controls, you may link the control through this area. Note: Additionally, Risk Actions can be created and linked through the controls section. | Optional |
|
|
|
|
STEP 2: Ensure you click on the Add button to add your risk action to the table before you save.
3. Linking an Existing Action to a Risk |
Clicking on the Select Existing Solutions/Actions button, will let you select an existing action and link to the risk.
Clicking the button will open a pop-up, listing all existing actions for the organisation. Once an existing action is linked to the risk, data updates universally, following a shared approach across other actions as well.
The search area is provided in the existing action screen for the user to filter actions.
3.1 User Permissions for Adding/Linking Action to a Risk
The editing, deleting, adding is all based on the linked risk user permission.
E.g. If the logged in user does not have permission to edit the risk, the action grid edit/delete and add icons will be disabled.
Actions are checked or newly identified during the risk assessment process. Essentially, when a risk is assessed, you check if there are any existing actions in place to further help the controls which are put in place. The risk actions are taken as global templates. Hence, the title can be edited if you have permission to add/edit a risk. Once an action is linked to a risk, the progress and other details are edited by the risk/action owner within the risk.
This configuration to manage risk actions commonly can be enabled by an administrator, by enabling the setting accessed via Menu > Administration > Configuration > Settings < Manage Risk Action Commonly.
Responsible people for the actions are assigned by the Risk Responsible Officer (or one with a higher permission). Hence, an action owner cannot change their own assignments.
View other articles under this section: |