Risk Assessment – Risk Review
You can setup regular risk reviews which are scheduled frequencies at which you will review Current assessment ratings. This ensures they are up to date as per the progress made on risk solutions.
STEP 1: Click the Risk Review tab from within the risk you want to set up a review for.
STEP 2: The Review Frequency will be based on the latest risk rating saved within the Current Risk Assessment (see below to see which rating will default to which frequency). However, you may edit this from the Risk Review page if you have the permission to do so.
This can be defaulted to update frequency from rating via Menu > Administration > Configuration > Settings > [enable setting Update Frequency From Rating].
Note: A Risk Rating can be mapped to a Review Frequency via Menu > Risk Settings > Rating Type.
The Next Review Date will automatically pick up the next available date as per your specified frequency and next review date calculation logic, when it is next reviewed. However, you can modify the date using the calendar control.
Note: There is a system setting that you can switch on in order to lock this next review date for all users except Risk Managers and Administrators. This would be used if you do not want your risk owners to be able to edit the next risk review date, pushing out dates that they need to complete a review.
The setting is located within the Administration > Configuration > Settings > Enable next review date field within risk area only to the administrations and risk managers.
There are two logics that can be configured via Menu > Risk Settings > Review Frequency (see article Framework – Risk Settings under section 'Review Frequency' for setting this up), when determining the Next Review Date.
Next Review Date (NRD) calculation logic based on:
Review Due Date (default): This option will calculate the NRD as [Previous NRD + Review Frequency].
Actual Review Completion Date: This option will calculate the NRD as [Current Date + Review Frequency].
Example: The Previous NRD is populated as 20-May-2021 and Review Frequency is Monthly. You do the review on 05-Jul-21 and click 'Complete'.
Review Due Date logic: The new NRD will populate as 20-May-21 + 1 month = 20-Jun-21.
Actual Review Completion Date logic: The new NRD will populate as 05-Jul-21 + 1 month = 05-Aug-21.
A review is confirmed and completed by clicking on the Complete button. You can still perform interim changes to your risk review tab and click the Save button in the Review tab to update details. Only once a risk is reviewed, the below details for the risk will be updated.
Last Reviewed By: The staff by whom the risk was reviewed last along with the position. This will be a label field shown for reference purposes only.
Last Reviewed Date: The date on which the risk was last reviewed.
Next Reviewed Date: The next review date set forth for the risk based on the last review details as above.
STEP 3: Click the Complete button at the bottom of the page to apply any changes made within the 'Risk Review' tab and for the review cycle to be considered as completed. This will then update the 'Last Reviewed By', 'Last Reviewed Date', and 'Next Review Date' automatically.
Please note that clicking the Save button at the top of the page will not update these values automatically, and is used to only save the latest comments added by the user or to manually change the 'Next Review Date'.
You will receive an e-mail reminder for all overdue reviews of active risks which you are responsible person for. The reminder is triggered when the ‘Next Update Required’ date as per the Review Frequency specified by you in your last review has passed. The setup, frequency and content of your notifications are determined by your in-house Risk Administrator.