Risk Reports
1. Overview |
The system provides a range of standard reports which allows you to filter and generate reports on risks and risk actions in your system.
Reports can be accessed from the Navigation Menu under Reports > Risk Reports.
Note: Risk Reports can be accessed from the left-hand navigation panel too.
Once the report has loaded in the SSRS viewer, it is up to you on whether you want to export the report to Microsoft Word (editable) or PDF (View) or Excel (Editable).
When clicking on any of the report icons, you will select the filters available (if applicable) and then click on the preview icon to load the report. |
Select the export icon to choose your selection:
Note: some reports are developed specifically for an excel export (mainly the risk register reports), and some reports are better viewed with PDF (generally all other standard reports).
When exporting to MS Word, there may be some formatting limitations that will occur. CAMMS can look at these if required. There is no guarantee that all formatting issues can be resolved at CAMMS end. However, we can highlight these to Microsoft.
Risk Reports – CAMMS Standard
Full Risk Register – CAMMS Standard
Simple Risk Register Report – CAMMS Standard/Other Risk Reports
Individual Risk Report – CAMMS Standard
Operational Risk Report – CAMMS Standard
Project Risk Report – CAMMS Standard
Strategic Risk Report – CAMMS Standard
Risk Action Summary Report – CAMMS Standard
Risk Executive Report – CAMMS Standard
Risk Professional System Administration Report – CAMMS Standard
Risk Status Report – CAMMS Standard
Risk Action Status Report – CAMMS Standard
Risk Action Report – CAMMS Standard
Administration Reports (Stand Alone Only) click here to view Admin Reports
Organisation View – CAMMS Standard
Organisational List – CAMMS Standard
Staff List – CAMMS Standard
User Overview – CAMMS Standard
2. Full Risk Register Report (Standard) |
This report contains a full export of the risks, mitigations and descriptions of the risk criteria used.
Please note – whilst this report can be downloaded in a variety of formats, because of the unique formatting this report has, MS Excel is the most appropriate medium for report presentation. The report format and columns can then be manipulated to suit. If generated in PDF for example, screen views may be restrictive due to the size and format of the report.
FILTERS | |
|---|---|
Filter | Description |
Risk Type | Dropdown allows users to choose the type of risk (Default to 'Show All'). |
Directorate | Dropdown allows users to choose the Directorate (Default to 'Show All'). |
Business Unit | Dropdown allows the users to choose the Business Unit (Default to 'Show All'). |
Risk Category | Dropdown allows the users to choose a Risk Category (Default to 'Show All'). |
Responsible Officer | Dropdown allows the users to choose the Responsible Officer (Default to 'Show All'). |
Risk Treatment | Dropdown allows the users to choose the Risk Treatment (Default to 'Show All'). |
Sort Risk First Priority | Dropdown allows the users to sort the Priorities accordingly. This allows the user to define the First sorting priority (Default is set to 'Current Risk Rating'). |
Sort Risk Second Priority | Dropdown allows the users to sort the Priorities accordingly. This allows the user to define the Second sorting priority (Default is set to 'Initial Risk Rating'). |
Sort Risk Third Priority | Dropdown allows the users to sort the Priorities accordingly. This allows the user to define the Third sorting priority (Default is set to 'Risk Code'). |
Risk Status | Dropdown allows the users to choose the status of the Risk (Default is set to 'Active'). |
Business Process | Dropdown allows the users to choose the Business Process which is applied to the Risk (Default is set to 'Show All'). Only Applicable if you utilise these fields. |
Legislation | Dropdown allows the users to choose the legislation which is applied to the Risk (Default is set to 'Show All'). Only Applicable if you utilise these fields. |
Action | Allows you to filter the Project Risks by the specific Action (Default to 'Show All'). |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Reference Number | Displays the Risk Code. |
Risk Title | Displays the Risk Title. |
Primary Category/Subcategory | Displays the Primary Category followed by the Subcategory. |
Secondary Categories | Displays the Secondary Categories. |
Risk Type | Displays the Risk Type. |
Risk Identification | |
Risk Title | Displays the Risk Title. |
Causes | Displays the Causes for the three assessments - Initial, Current and Future. |
Consequences | Displays the Consequences for the three assessments - Initial, Current and Future. |
Existing controls | Displays the Existing Controls for the three assessments - Initial, Current and Future. |
Evaluation | |
Effectiveness of Controls | Displays the effectiveness for the three assessments. |
Risk Treatment | Displays the Risk Treatment for the three assessments. |
Initial Risk Assessment Rating | |
Consequences | Displays the rating for the consequences. |
Likelihood | Displays the rating for the Likelihood. |
Risk Rating Score | Displays the Initial Risk Rating Score. |
Risk Rating | Displays the overall Risk Rating image. |
Excel Export:
3. Simple Risk Register (Standard) |
This Report contains an export of the risks and a highlight of its related details.
Please note – whilst this report can be downloaded in a variety of formats, because of the unique formatting this report has, MS Excel is the most appropriate medium for report presentation. The report format and columns can then be manipulated to suit. If generated in PDF for example, screen views may be restrictive due to the size and format of the report.
FILTERS | |
|---|---|
Filter | Description |
Risk Type | Dropdown allows the users to choose the type of risk (Default to 'Show All'). |
Directorate | Dropdown allows the users to choose the Directorate (Default to 'Show All'). |
Business Unit | Dropdown allows the users to choose the Business Unit (Default to 'Show All'). Note: If 'Strategic Risk' is selected for Risk type, selecting 'Directorate’ or 'Business Unit’ will display a blank report. This is due to strategic risks not having these links. |
Risk Category | Dropdown allows users to choose the Risk Category (Default to 'Show All'). |
Responsible Officer | Dropdown allows the users to choose the Responsible Officer (Default to 'Show All'). |
Risk Treatment | Dropdown allows the users to choose the Risk Treatment (Default to 'Show All'). |
Sort Risk First Priority | Dropdown allows the users to sort the Priorities accordingly. This allows the user to define the First sorting priority (Default is set to 'Current Risk Rating'). |
Sort Risk Second Priority | Dropdown allows the users to sort the Priorities accordingly. This allows the user to define the Second sorting priority (Default is set to 'Initial Risk Rating'). |
Sort Risk Third Priority | Dropdown allows the users to sort the Priorities accordingly. This allows the user to define the Third sorting priority (Default is set to 'Risk Code'). |
Risk Status | Dropdown allows the users to choose the status of the Risk (Default is set to 'Active'). |
Business Process | Dropdown allows the users to choose the Business Process which is applied to the Risk (Default is set to 'Show All'). Only Applicable if you have these fields enabled. |
Legislation | Dropdown allows the users to choose the legislation which is applied to the Risk (Default is set to 'Show All'). Only Applicable if you have these fields enabled. |
Project | Allows you to filter the Project Risks by the specific Project (Default to 'Show All'). |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Risk Code | Displays the Risk Code. |
Risk Description | Displays the Risk Description. |
Causes - Initial | Displays the Causes through the Initial state. |
Risk Action | Displays the Risk Actions against the Risk. |
Primary Category/Subcategory | Displays the Primary and Subcategories. |
Secondary Categories | Displays the Secondary Categories. |
Responsible Person | Displays the Responsible Person name. |
Secondary Responsible Persons | Displays the Secondary Responsible Person name. |
Business Unit | Displays the Business Unit that the risk is linked to (Operational risks only). |
Initial | |
Consequence | Displays the Consequence description for the initial assessment. |
Likelihood | Displays the Likelihood description for the initial assessment. |
Risk Rating | Displays the Risk Rating in the Initial assessment. The cell will be coloured based on the risk rating. |
Current | |
Consequence | Displays the Consequence description for the current assessment. |
Effectiveness of Controls | Displays the Effectiveness of controls description. |
Likelihood | Displays the Likelihood description for the current assessment. |
Risk Rating | Displays the Risk Rating in the Current assessment. The cell will be coloured based on the risk rating. |
Future | |
Consequence | Displays the Consequence description for the Future assessment. |
Likelihood | Displays the Likelihood description for the Future assessment. |
Risk Rating | Displays the Risk Rating in the Future assessment. The cell will be coloured based on the risk rating. |
Report output example:
4. Individual Risk Report (Standard) |
This Report contains the details of each risks including the relevant risk actions and linked controls.
FILTERS | |
|---|---|
Filter | Description |
Risk Type | Dropdown allows users to choose the type of risk (Default to 'Show All'). |
Directorate | Dropdown allows users to choose the Directorate (Default to 'Show All'). |
Business Unit | Dropdown allows users to choose the Business Unit (Default to 'Show All'). |
Risk Rating Initial | This will allow users to choose the Initial rating for the Risk (Default to 'Show All'). |
Risk Rating Current | This will allow users to choose the Current rating for the Risk (Default to 'Show All'). |
Risk Rating Future | This will allow users to choose the Future rating for the Risk (Default to 'Show All'). |
Risk Category | Dropdown allows users to choose the Risk Category (Default to 'Show All'). |
Responsible Officer | Dropdown allows users to choose the Responsible Officer (Default to 'Show All'). |
Risk Treatment | Dropdown allows users to choose the Risk Treatment (Default to 'Show All'). |
Sort Risk First Priority | Dropdown allows users to sort the Priorities accordingly. This allows the user to define the First sorting priority (Default is set to 'Current Risk Rating'). |
Sort Risk Second Priority | Dropdown allows users to sort the Priorities accordingly. This allows the user to define the Second sorting priority (Default is set to 'Initial Risk Rating'). |
Sort Risk Third Priority | Dropdown allows users to sort the Priorities accordingly. This allows the user to define the Third sorting priority (Default is set to 'Risk Code'). |
Risk Status | Dropdown allows users to choose the status of the Risk (Default is set to 'Active'). |
Business Process | Dropdown allows users to choose the Business Process which is applied to the Risk (Default is set to 'Show All'). This is only applicable if these fields are enabled. |
Legislation | Dropdown allows users to choose the legislation which is applied to the Risk (Default is set to 'Show All'). This is only applicable if these fields are enabled. |
Risk Level | Dropdown will display the three assessment phases (Initial, Current and Future). |
Date Selection (Date TO and FROM) | This will allow users to filter out the risks based on risk review dates. |
Action | Allows you to filter the Project Risks by the specific Action (Default to 'Show All'). |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Cover Page | Cover page displaying the report title, client logo. |
Risk Details | |
Reference Number | Displays the Risk Code. |
Risk Title | Displays the Risk Title. |
Risk Rating | Displays the Risk Rating colour and description. |
Primary Category | Displays the Primary category of the report. |
Primary Subcategory | Displays the Primary Subcategory of the report. |
Secondary Categories | Displays the Secondary Categories of the report. |
Responsible Officer | Displays the Responsible officer. |
Secondary Responsible Officers | Displays the Secondary Responsible Officers. |
Risk Identification | |
Initial | Displays Likelihood, Consequence and Risk Rating for the Initial assessment. |
Current | Displays likelihood, Consequence, Effectiveness of Controls and Risk Rating for the Current assessment. |
Future | Displays likelihood, Consequence and Risk Rating for the Future assessment. |
Causes | Displays the causes of the Risk from the text field within the initial assessment. |
Consequences | Displays the consequences of the Risk from the text field within the initial assessment. |
Risk Controls | Displays the Risk Control titles and descriptions. |
Solutions | Displays the Risk actions (Risk Action, Risk Control Linked item (if applicable), Action Status, End Date, Progress Comments and Responsible Officer). |
Report output example:
5. Operational Risk Report (Standard) |
The Operational Risk report shows all Operational Risks. It displays all data which contributes to the setup of the risk, as well as the Initial, Current and Future rating and the risk progress.
FILTERS | |
|---|---|
Filter | Description |
Directorate | Dropdown allows selection of Directorate. 'Show All' is selected by default. |
Business Unit | Dropdown allows selection of Business Unit. If a directorate was selected above, the pages refreshes and this filter only shows the Business Units within that directorate. 'Show All' is selected by default. |
Risk Rating Initial | Dropdown allows selection of a Risk Rating for the Initial phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Current | Dropdown allows selection of a Risk Rating for the Current phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Future | Dropdown allows selection of a Risk Rating for the Future phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Category | Dropdown allows selection of a Risk Category (defined in Risk Settings > Categories). 'Show All' is selected by default. |
Responsible Officer | Dropdown allows selection of a Staff member (defined in Framework > Staff). 'Show All' is selected by default. |
Include Secondary Responsible Person | If ticked, chooses the risk records where selected staff member is primary OR secondary responsible person for. This is un-ticked by default. |
Show Risk Solution and Business Planning details | If ticked, includes additional Risk Solution (risk action) and Business Planning details. This is ticked by default. |
Show Solution Summary only | If ticked, only the Risk Solution (without details) will be shown in the relevant area. This is ticked by default. |
Risk Treatment | Dropdown allows selection of a Risk Treatment (defined in Risk Settings > Risk Treatment). 'Show All' is selected by default. |
Order By | Dropdown allows selecting a sorting mechanism for the records in the report to be listed down. Alphabetical order by Risk Name, By Risk Code and by Risk Rating (Initial, Current or Future) are some of the given options. 'Alphabetical order by Risk Name' is selected by default. |
Risk Status | Dropdown allows selection of a Risk Status, to be chosen from whether that Risk is 'Active' or 'Inactive'. |
Business Process | Dropdown allows selection of a Business Process (defined in Risk Settings > Advanced Settings > Business Process). 'Show All' is selected by default. |
Legislation | Dropdown allows selection of a Legislation (defined in Risk Settings > Advanced Settings > Legislation). 'Show All' is selected by default. |
REPORT DETAILS | ||
|---|---|---|
Report Element | Description | |
Directorate | Name of the Directorate selected by user. | |
Business Unit | Name of the Business Unit selected by the user. | |
Reference Number | Unique number for each risk. Reference Code is given at the Risk creation. | |
Risk | Risk name. This is mentioned at the Risk creation. | |
Responsible Officer | Responsible Officer allocated for the Risk. | |
Secondary Responsible Officer(s) | Secondary Responsible Officers allocated for the Risk. | |
Risk Category | Risk categories (primary category listed first and then secondary categories if relevant). Selected at the Risk creation. | |
Review Frequency | Risk review frequency (i.e., annual, monthly etc.) Data drawn from the chosen Review Frequency at Operational Risk > Risk Review area. Different Review Frequencies are defined at Risk Settings > Advanced Settings > Review Frequency area. | |
Assessment phases for a Risk. Under each phase there are sub-sections such as assessment, solution and treatment. | ||
Initial Assessment Current Assessment Future Assessment | Assessment phases | |
Likelihood | Risk likelihood identified in Initial phase | |
Consequence | Risk consequence (identified via Consequence Reference Grid) | |
Effectiveness of Controls | Effectiveness of Controls identified in Initial phase | |
Custom Criteria | Client defined criteria | |
Last Modified Date | Date Initial risk assessment last saved. Will appear as N/A if no date available (possible if data was migrated) | |
Risk Rating | Initial risk assessment rating (as per the calculation defined in Risk Calculation Settings) | |
Causes | Causes identified during Initial phase | |
Consequences | Consequences identified during Initial phase | |
Existing Controls | Existing Controls identified during Initial phase | |
Future Controls | Future Controls identified during Initial phase | |
Treatment (s) | Treatments identified in Initial phase | |
Risk Solution Related Fields. | Name of Risk Solution | |
Solution | ||
Responsible Officer* | Responsible Officer for the solution | |
Reporting Frequency* | Risk solution reporting frequency i.e., annual, monthly etc. | |
Status* | Status of Solution (i.e., In Progress, Completed) | |
Due Date / Completed Date* | Due Date and Completed Date of Risk Action. Will appear as N/A if date is not mentioned. | |
% Complete* | Percentage complete of risk solution | |
Progress Comment* | Last Progress Comment for risk solution | |
Resource Requirement* | Resource Requirement for Risk solution | |
Business Plans connected fields. | All Goals linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Related Goals* | ||
Related Outcomes (Risk Solutions) * | All Outcomes linked to this Risk’s Solutions are listed | |
Related Actions* | All Actions linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Related Tasks* | All Tasks linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Related Tasks (Risk Solutions) * | All Tasks linked to this Risk’s Solutions are listed | |
Business Process | Related Business Processes. | |
Legislation | Related Legislation. | |
6. Project Risk Report - Standard |
This report shows all Project related Risks. It displays all data which contributes to the setup of the risk, as well as the Initial, Current and Future rating and the risk progress.
FILTERS | |
|---|---|
Filter | Description |
Directorate | Dropdown allows selection of Directorate. |
Business Unit | Dropdown allows selection of Business Unit. If an Directorate was selected above, the pages refreshes and this filter only shows the within that Directorate. 'Show All' is selected by default. |
Risk Rating Initial | Dropdown allows selection of a Risk Rating for the Initial phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Current | Dropdown allows selection of a Risk Rating for the Current phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Future | Dropdown allows selection of a Risk Rating for the Future phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Category | Dropdown allows selection of a risk category (defined in Risk Settings > Categories). 'Show All' is selected by default. |
Responsible Officer | Dropdown allows selection of a Staff member (defined in Framework > Staff). 'Show All' is selected by default. |
Include Secondary Responsible Person | If ticked, chooses the risk records where selected staff member is primary OR secondary responsible person for. This is un-ticked by default. |
Show Risk Solution and Business Planning details | If ticked, includes additional Risk Solution and Business Planning details. This is ticked by default. |
Show Solution Summary only | If ticked, only the Risk Solution (without details) will be shown in the relevant area. This is ticked by default. |
Risk Treatment | Dropdown allows selection of a Risk Treatment (defined in Risk Settings > Risk Treatment). 'Show All' is selected by default. |
Order By | Dropdown allows selecting a sorting mechanism for the records in the report to be listed down. Alphabetical order by Risk Name, By Risk Code and by Risk Rating (Initial, Current or Future) are some of the given options. 'Alphabetical order by Risk Name' is selected by default. |
Risk Status | Dropdown allows selection of a Risk Status, to be chosen from whether that Risk is 'Active' or 'Inactive'. |
Business Process | Dropdown allows selection of a Business Process (defined in Risk Settings > Advanced Settings > Business Process). 'Show All' is selected by default. |
Legislation | Dropdown allows selection of a Legislation (defined in Risk Settings > Advanced Settings > Legislation). 'Show All' is selected by default. |
Project | Dropdown allows selection of a Name of the Project that a project risk has been created for. 'Show All' is selected by default. |
REPORT DETAILS | ||
Report Element | Description | |
Directorate | Name of the Directorate selected by user. | |
Business Unit | Name of the Business Unit selected by the user. | |
Project | Name of the Project that Risk has been created for. | |
Risk Code | Unique code for each risk. Risk Code is given at the Risk creation. | |
Risk | Risk name. | |
Responsible Officer | Responsible Officer allocated for the Risk. | |
Secondary Responsible Officer (s) | Secondary Responsible Officers allocated for the Risk. | |
Risk Category | Risk categories (primary category listed first and then secondary categories if relevant). Selected at the Risk creation. | |
Review Frequency | Risk review frequency (i.e., annual, monthly etc.) Data drawn from the chosen Review Frequency at Operational Risk > Risk Review area. Different Review Frequencies are defined at Risk Settings > Advanced Settings > Review Frequency area. | |
Assessment phases for a Risk. Under each phase there are sub-sections such as assessment, solution and treatment. | ||
Initial Assessment Current Assessment Future Assessment | Assessment phases | |
Likelihood | Risk likelihood identified in Initial phase | |
Consequence | Risk consequence (identified via Consequence Reference Grid) | |
Effectiveness of Controls | Effectiveness of Controls identified in Initial phase | |
Custom Criteria | Client defined criteria | |
Last Modified Date | Date Initial risk assessment last saved. Will appear as N/A if no date available (possible if data was migrated) | |
Risk Rating | Initial risk assessment rating (as per the calculation defined in Risk Calculation Settings) | |
Causes | Causes identified during Initial phase | |
Consequences | Consequences identified during Initial phase | |
Existing Controls | Existing Controls identified during Initial phase | |
Future Controls | Future Controls identified during Initial phase | |
Treatment(s) | Treatments identified in Initial phase | |
Risk Solution Related Fields. | ||
Solution | Name of Risk Solution | |
Responsible Officer* | Responsible Officer for the solution | |
Reporting Frequency* | Risk solution reporting frequency i.e., annual, monthly etc. | |
Status* | Status of Solution (i.e., In Progress, Completed) | |
Due Date / Completed Date* | Due Date and Completed Date of Risk Action. Will appear as N/A if date is not mentioned. | |
% Complete* | Percentage complete of risk solution | |
Progress Comment* | Last Progress Comment for risk solution | |
Resource Requirement* | Resource Requirement for Risk solution | |
Business Plans connected fields. | ||
Report example output:
7. Strategic Risk Report - Standard |
This report shows information on Strategic Risks. It displays all data which contributes to the setup of the risk, as well as the Initial, Current and Future rating and the risk progress.
To access this report, follow the steps below.
Select the 'Strategic Risk Report - Standard' and choose relevant criteria. Click the Preview button.
FILTERS | |
|---|---|
Filter | Description |
Risk Rating Initial | Dropdown allows selection of a Risk Rating for the Initial phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Current | Dropdown allows selection of a Risk Rating for the Current phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Future | Dropdown allows selection of a Risk Rating for the Future phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Category | Dropdown allows selection of a Category (defined in Risk Settings > Categories). 'Show All' is selected by default. |
Responsible Officer | Dropdown allows selection of a Staff member (defined in Framework > Staff). 'Show All' is selected by default. |
Include Secondary Responsible Person | If ticked, chooses the risk records where selected staff member is primary OR secondary responsible person for. This is un-ticked by default. |
Show Risk Solution and Business Planning details | If ticked, includes additional Risk Solution and Business Planning details. This is ticked by default. |
Show Solution Summary only | If ticked, only the Risk Solution (without details) will be shown in the relevant area. This is ticked by default. |
Risk Treatment | Dropdown allows selection of a Risk Treatment (defined in Risk Settings > Risk Treatment). 'Show All' is selected by default. |
Order By | Dropdown allows selecting a sorting mechanism for the records in the report to be listed down. Alphabetical order by Risk Name, By Risk Code and by Risk Rating (Initial, Current or Future) are some of the given options. 'Alphabetical order by Risk Name' is selected by default. |
Risk Status | Dropdown allows selection of a Risk Status, to be chosen from whether that Risk is 'Active' or 'Inactive'. |
Business Process | Dropdown allows selection of a Business Process (defined in Risk Settings > Advanced Settings > Business Process). 'Show All' is selected by default. If Applicable. |
Legislation | Dropdown allows selection of a Legislation (defined in Risk Settings > Advanced Settings > Legislation). 'Show All' is selected by default. If Applicable. |
REPORT DETAILS | ||
|---|---|---|
Report Element | Description | |
Risk Code | Unique number for each risk. Risk Code is given at the Risk creation. | |
Risk | Risk name | |
Responsible Officer | Responsible Officer allocated for the Risk. | |
Secondary Responsible Officer(s) | Secondary Responsible Officers allocated for the Risk. | |
Primary Risk Category | Primary Risk Category Selected (primary category listed first and then secondary categories if relevant). Selected at the Risk creation. | |
Review Frequency | Risk review frequency (i.e., annual, monthly etc.) Data drawn from the chosen Review Frequency at Operational Risk > Risk Review area. Different Review Frequencies are defined at Risk Settings > Advanced Settings > Review Frequency area. | |
Assessment phases for a Risk. Under each phase there are sub-sections such as assessment, solution and treatment. | ||
Initial Assessment Current Assessment Future Assessment | Assessment phases | |
Likelihood | Risk likelihood identified in Initial phase | |
Consequence | Risk consequence (identified via Consequence Reference Grid) | |
Effectiveness of Controls | Effectiveness of Controls identified in Initial phase | |
Last Changed Date | Date Initial risk assessment last saved. Will appear as N/A if no date available (possible if data was migrated) | |
Risk Rating | Initial risk assessment rating (as per the calculation defined in Risk Calculation Settings) | |
Causes | Causes identified during Initial phase | |
Consequences | Consequences identified during Initial phase | |
Existing Controls | Existing Controls identified during Initial phase | |
Future Controls | Future Controls identified during Initial phase | |
Treatment(s) | Treatments identified in Initial phase | |
Risk Solution Related Fields. | ||
Solution | Name of Risk Solution | |
Responsible Officer* | Responsible Officer for the solution | |
Reporting Frequency* | Risk solution reporting frequency i.e., annual, monthly | |
Status* | Status of Solution (i.e., In Progress, Completed) | |
Due Date/Completed Date* | Due Date and Completed Date of Risk Action. Will appear as N/A if date is not mentioned. | |
% Complete* | Percentage complete of risk solution | |
Progress Comment* | Last Progress Comment for risk solution | |
Resource Requirement* | Resource Requirement for Risk solution | |
Business Plans connected fields. | ||
Related Goals* | All Goals linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Related Goals (Risk Solutions) * | All Goals linked to this Risk’s Solutions are listed | |
Related Outcomes* | All Outcomes linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Related Outcomes (Risk Solutions) * | All Outcomes linked to this Risk’s Solutions are listed | |
Related Strategies* | All Strategies linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Related Strategies (Risk Solutions) * | All Strategies linked to this Risk’s Solutions are listed | |
Related Actions* | All Actions linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Related Actions (Risk Solutions) * | All Actions linked to this Risk and its Solutions are listed | |
Related Tasks* | All Tasks linked to this Risk are listed if “Link Risks to hierarchy” parameter on. | |
Report example output:
8. Risk Action Summary Report |
This report will contain an overview of all risk actions that are overdue or scheduled. This report will show graphs and a progress table of all risk actions, linked to the Business Unit.
FILTERS | |
|---|---|
Filter | Description |
Risk Type | Dropdown allows users to choose the type of risk (Default to 'Show All'). |
Directorate | Dropdown allows users to choose the Directorate (Default to 'Show All'). |
Business Unit | Dropdown allows users to choose the Business Unit (Default to 'Show All'). |
Risk Category | Dropdown allows selection of a Risk Category (defined in Risk Settings > Categories). 'Show All' is selected by default. |
Risk Responsible Person | Dropdown allows selection of a Staff member (defined in Framework > Staff) to filter by risk responsible officer. 'Show All' is selected by default. |
Risk Status | Dropdown allows the users to choose the status of the Risk (Default is set to 'Active'). |
Date Section (TO and FROM) | This will allow user to input the start and end date of the risk solutions. |
Risk Rating Initial | Dropdown allows selection of a Risk Rating for the Initial phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Current | Dropdown allows selection of a Risk Rating for the Current phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Rating Future | Dropdown allows selection of a Risk Rating for the Future phase of the risk assessment (defined in Risk Settings > Risk Ratings). 'Show All' is selected by default. |
Risk Action Status | Dropdown allows selection of the risk action status (Completed, Overdue or in progress). |
Show Risk Actions Overview | Tick box will allow you to show or hide the ‘Risk Actions Overview’ section of the report. Default will be to show the section (Ticked). If you were to untick this, then it will hide from the report. |
Show Risk Action Summary Chart | Tick box will allows you to show or hide the ‘Risk Action Summary Chart’ section of the report. Default will be to show the section (Ticked). If you were to untick this, then it will hide from the report. |
Show Filter Page | Tick box will allows you to show or hide the filter page in the report. Default will be to show the section (Ticked). If you were to untick this, then it will hide from the report |
Show Risk Action Summary | Tick box will allows you to show or hide the ‘Risk Action Summary’ section of the report. Default will be to show the section (Ticked). If you were to untick this, then it will hide from the report. |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Cover Page | Cover Page which will show the report name and client logo. |
Report Filter Page | Report filter page displaying all the filter selections made to run the report. You can hide this section from the report via the filters. |
Risk Actions Overview donut graph | Displaying the total list of Risk actions in graph form – Only the risk actions which are overdue or scheduled within the dates selected from the filters (Date TO and FROM). |
Risk Actions Summary Graph | A graph for every Directorate, it will display the risk action statuses by Business Unit. |
Risk Actions Summary | This section will display all risk actions grouped by Directorate, Business Unit and Risk. The risk actions are further grouped by if they are Overdue (end date has passed and it is not yet completed), or scheduled to be completed (end date is within the date FROM and TO filter). |
Directorate | Directorate which the Business Unit is linked to. |
Business Unit | The Business Unit which the risk is linked to. |
Risk Action Details | |
Risk ID/Name | Risk Code and Risk Title which the risk actions are linked to. |
Solutions/ Risk Action | Risk action title |
Responsible Person | Risk Action Responsible person |
Status | Risk Action current status |
% Complete | Risk Action current % complete |
Start Date | Risk Action Start Date |
End Date | Risk Action End Date |
Due Days | Overdue Risk Actions – the number of days it has been overdue for (YTD) – Flagged red. Scheduled Risk Actions – How many days until the risk action is due to be completed (YTD) – Flagged Blue. |
Report example output:
9. Risk Executive Report |
This report will display an overview of risks and risk action information grouped by risk type. The report will contain a Risk Graph, Risk Matrix Graph and the Risk Details and linked Risk Actions (solutions).
FILTERS | |
|---|---|
Filter | Description |
Directorate | Dropdown lists the available Directorates within the organisation and must filter the risks accordingly to the Directorate selected by the user. |
Business Unit | Dropdown that lists the Business Unit within the organisation and must filter the risks accordingly to the Business Unit selected by the User. |
Responsible Officer | Lists all active staff members of the organisation. Must allow the user to filter the report content where the selected staff member is the responsible officer for the Risk. |
Risk Type | Allows the user to select the type of risk and filter the report content accordingly (Strategic/Operational/Project) |
Risk Category | Lists the Categories of the Organisation and must filter the report content accordingly to the risk Category selected by the User. |
Include Secondary Resp. Person | Applied the below 2 functionalities, when ticked:
|
Organisational Risk Summary | Displays the 'Organisational Risk Summary' section, when ticked. |
Show Risk Details | Displays the 'Risk Details' section, when ticked. |
Risk Level | Allows the user to select the risk assessment level and filter the report content accordingly (Initial/Current/Future). |
Risk Rating Type | Displays the risk ratings within the system and allows the user filter the report content accordingly. |
Show Risk Review Comments | Displays the ‘Risk Review Comments’ section when ticked. |
Show Filter Page | Displays the ‘Filter Page’ when ticked. |
RISK DETAILS | |
|---|---|
Report Element | Description |
Cover Page | Displays a cover page with the title and client logo. |
Filter Page | Displays the filter page which contains all of the selected filters. |
Organisational Risk Summary | Displays a column graph of risk level Vs Risk Rating type (number of risks in Extreme, high, Moderate and low). |
Risk Heat Maps | Displays a heat map for Initial, Current and Future Assessment for all risks. It will show the number of risks which fall into the specific risk rating areas of the heat map based on their likelihood and consequence calculation. |
Operation Risk Details | |
Risk Code | Risk Code |
Risk | Risk Title |
Responsible Officer | Risk responsible Officer |
Risk Category | Risk Primary Category |
Last Reviewed | The last reviewed date (when the risk review was updated and saved) |
Issue Type | The Risk type (Threat, Weakness, Opportunity or Strength) |
Risk treatment | The Risk Treatment selection |
Initial Rating | Initial risk assessment rating (as per the calculation defined in Risk Calculation Settings). The Date is the date which this rating was last updated. |
Revised Rating | Revised/Current risk assessment rating (as per the calculation defined in Risk Calculation Settings). The Date is the date which this rating was last updated. |
Future Rating | Future risk assessment rating (as per the calculation defined in Risk Calculation Settings). The Date is the date which this rating was last updated. |
Overall Effectiveness of Controls | Effectiveness of controls selection within the Revised risk assessment (or whichever assessment this is rated – if applicable). |
Causes | Risk Causes field |
Consequences | Risk Consequences field |
Risk Actions | |
Risk Action | Risk Action Title |
Responsible Person | Risk Action Responsible Person |
Progress | % Complete |
Due Date | Risk Action due date |
Start Date | Risk action start date |
End Date | Risk Action end date |
Comments | Risk Action Progress Comments |
Report example output:
10. Risk Professional System Administration Report |
This report shows details of all risk information only if the risk is modified for certain fields. The data will include Date Printed, Change/Update and User ID of the user who made the change/update. The report will show that it has been modified but will not actually show what the modification actually is. It is only a certain number of risk fields that are currently being tracked in order for the risk to be recorded as modified within this report (see below the fields). If any of those tracked fields are modified, then the report will display that this risk has been modified at this time, by the user:
The risk assessment fields are:
Reporting Officer
Risk Identifiers
Risk Identified
Risk Issue
Risk Type
Causes
Consequences
Existing Controls
Future Controls
Next Review Date
Review Frequency
Solution
Secondary Resp. Officer
Upload Document
Hyperlink
The report can be filtered by Directorate, Business Unit and Risk Type (Strategic, Operational or Project).
FILTERS | |
|---|---|
Filter | Description |
Directorate | Dropdown allows selection of the Directorate.' Show All' is selected by default. |
Business Unit | Dropdown allows selection of the Business Units. When a Directorate is selected above, the page refreshes and this filter only shows the Business Unit within that particular Directorate. 'Show All' is selected by default. |
Team | Not Applicable |
Risk Type | Dropdown allows selection of a Risk Type. (Defined at the Risk creation ) 'Show All' is selected by default. |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Directorate | Directorate selected by the user. |
Business Unit | Business Unit selected by the user. |
Risk Code | Unique risk code for each risk. |
Risk Issue | Risk Title |
User | Username of the user who made the changes to the stated Risk record. |
Action | Displays that a change (Modify only) has been made to the record. |
Time Stamp | Date and time of that record being saved to the database. This is taken from the system date and time of the computer. |
Report example output:
11. Risk Status Report |
This report enables you to view the status of Risks and Risk Actions. The report contains 3 sections as follows:
Risk Matrix – Risk matrix which depicts the number of risks against the risk criteria used in determining the overall Risk rating (The 2 criteria are limited to Likelihood and Consequence).
Risk Matrix Summary – A table which lists the risks relevant for each cell within the risk matrix. Table will be grouped by risk ratings within the matrix.
Risk Status – This section lists the risk rating criteria and risk ratings applicable for each assessment level of the risk. Additionally it displays a table on risk action information.
The following filters will be available.
FILTERS | |
|---|---|
Filter | Description |
Risk Type | This will allow the user to select the type of risk & filter the report content accordingly. Default to ‘Show All’. |
Directorate | Lists the available Directorate within the organisation and must filter the report content according to the Directorate selected by the user. Default to ‘Show All’. |
Business Unit | Lists the available Business Units within the Organisation. Default to ‘Show All’. |
Category | Lists the Categories of the risks and will filter the report content according to the Risk Category selected by the user. Default to ‘Show All’. |
Responsible Officer | Lists all active staff members of the Organisation. Would allow the user to filter the report content where the selected staff member is the primary responsible officer for the risk. Default to ‘Show All’. |
Risk Treatment | Lists the Risk Treatment types available within the Organisation and will filter the report content according to the Risk Treatment selected by the user. Default to ‘Show All’. |
Risk Level | Lists the risk assessment levels available within the Organisation and will filter the report content according to the Risk assessment level selected by the user (i.e. Inherent Risk Assessment, Residual Risk Assessment). Default to ‘Show All’. When Risk Level is selected as ‘Show All’ the risk matrix section must display matrix each for all available assessment levels. If a specific risk level is selected (i.e. Residual Risk Assessment), the report must only display one matrix only for the selected level. |
Risk Status | Will allow the user to filter the report content by the status of risks. Default to ‘Active’. |
Risk Rating | This allows the user to select one or more risk ratings at the same time in order to filter risks (i.e. Extreme, High, Low etc.). 3 filter controls will appear for each risk assessment level respectively (i.e. Risk Rating Initial, Risk Rating Current, and Risk Rating Future). |
Show Matrix | Will display the ‘Risk Matrix’ section when ticked. Un-ticked by default. |
Show Risk Details | Will display the detailed risk section when ticked. Ticked by default. |
Show Risk Review Comments | Will display the risk review comments section when ticked. Ticked by default. |
X axis | This dropdown lists the risk rating criteria available for the organisation. Allows the user to select the risk rating criteria to be displayed along the ‘X’ axis of the Risk matrix. |
Y axis | This dropdown lists the risk rating criteria available for the organisation. Allows the user to select the risk rating criteria to be displayed along the ‘Y’ axis of the Risk matrix. |
Action | Dropdown allows selection of a Name of the Action that a project risk has been created for. 'Show All' is selected by default. Only applicable to Project Risks. |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Cover Page | Cover page which will show the report title and client logo. |
Risk Matrix | Risk matrix which depicts the number of risks against the risk criteria used in determining the overall Risk rating (The 2 criteria are limited to Likelihood and Consequence). |
Risk Matrix Summary | A table which lists the risks relevant for each cell within the risk matrix. Table will be grouped by risk ratings within the matrix. |
Risk Status | This section lists the risk rating criteria and risk ratings applicable for each assessment level of the risk. Additionally it displays a table on risk action information. |
Report example output:
12. Risk Action Status Report |
This report will display summary information on Risk Actions. The following risk action information will be available within the report for each risk.
Statistics on the total number of risk actions (for the selected period), number of risk actions completed on time, number of due risk actions and number of overdue risk actions.
Overdue Risk actions - A table with information on overdue risk actions.
Due Risk actions - A table with information on due risk actions.
FILTERS | |
|---|---|
Filter |
|
Risk Type | Will allow the user to select the type of risk & filter the report content accordingly. Default to ‘Show All’. |
Date Select | Will allow the user to select the desired period to filter the Risk Actions. The Date Select contains a calendar which lets the user select the ‘From’ date & the ‘To’ date. By default, ‘From’ date = 1st date of the current Financial year ‘To’ date = End date of the current Financial year |
Directorate | Lists the available Directorates within the Organisation and must filter the risks according to the Directorate selected by the user. Default to ‘Show All’. |
Business Unit | Lists the available Business Units within the Organisation and must filter the risks according to the Business Unit selected by the user. Default to ‘Show All’. |
Category | Lists the Risk Category of the Organisation and will filter the report content according to that risk category selected by the user. Default to ‘Show All’. |
Responsible Officer | Lists all active staff members of the Organisation. Would allow the user to filter the report content where the selected staff member is the responsible officer for the Risk. Default to ‘Show All’. |
Risk Status | Will allow the user to filter the report content by the status of risks. Default to ‘Active’ |
Risk Rating | This allows the user to select one or more risk ratings at the same time in order to filter risks (i.e., Extreme, High, Low etc.). 3 filter controls will appear for each risk assessment level respectively (i.e., Risk Rating Initial, Risk Rating Current, Risk Rating Future) |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Cover Page | Cover page showing the report title and logos |
Solutions Summary | Statistics on the total number of risk actions (for the selected period), number of risk actions completed on time, number of due risk actions and number of overdue risk actions. |
Overdue Risk Treatment Plans | Overdue Risk actions – A table with information on overdue risk actions. |
Due Risk Treatment Plans | Due Risk actions – A table with information on due risk actions. |
Report example output:
13. Risk Action Report |
This report enables the user to filter and generate reports pertaining to Risk Solutions (i.e. mitigation actions). The report can be filtered by DIRECTORATE, Business Unit, Team, Risk Status (Active, Inactive) and Risk Type (Strategic, Operational or Project) if required.
A set of three options Proposed, Complete and Overdue enables further filtering as follows:
Proposed: Only lists Solutions where % complete <100%
Completed: Only lists Solutions where % complete = 100% (default filter)
Overdue: Only lists Solutions where current date > Due date
FILTERS | |
|---|---|
Filter | Description |
Risk Type | Will allow the user to select the type of risk & filter the report content accordingly. Default to ‘Show All’. |
Directorate | Lists the available Directorate s within the organisation and must filter the risks according to the Directorates selected by the user. Default to ‘Show All’. |
Business Unit | Lists the available Business Units within the organisation and must filter the risks according to the Business Unit selected by the user. Default to ‘Show All’. |
Risk Report | A set of three options Proposed, Complete and Overdue enables further filtering as follows: ·Proposed: Only lists Risk Actions where % complete <100% ·Completed: Only lists Risk Actions where % complete = 100% (default filter) ·Overdue: Only lists Risk Actions where current date > Due date |
Risk Status | Will allow the user to filter the report content by the status of risks. Default to ‘Active’. |
REPORT DETAILS | |
|---|---|
Report Element | Description |
Cover Page | Displays the report title with what Risk Report (status) you have selected (Proposed/Completed or Overdue). Also displays the client logo. |
Details | Grouped by Risk type, it will display all risk actions and their details below |
Risk Actions | |
Risk Code | Risk Code |
Risk | Risk title |
Risk Action | Risk Action Title |
Status | Risk Action Status |
% Completed | Risk Action % Complete (YTD) |
Responsible Person | Risk Action responsible person |
Due Date | Risk Action End Date (Due Date) |
Overdue Days | Number of days (YTD) that the risk action has been overdue for. |
Initial Likelihood | Initial Assessment Likelihood description |
Initial Consequence | Initial Assessment Consequence description |
Initial Risk Rating | Initial Assessment Rating description and Icon |
Current Likelihood | Current Assessment Likelihood description |
Current Consequence | Current Assessment Consequence description |
Current Risk Rating | Current Assessment Rating description and Icon |
Future likelihood | Future Assessment Likelihood description |
Future Consequence | Future Assessment Consequence description |
Future Risk Rating | Future Assessment Rating description and Icon |
Risk Responsible Person | Risk Responsible Person |
Review Frequency | Risk Review Frequency (within the risk review tab). |
Report example output:
14. Risk Linkages Report |
A standard Risk Linkages Report detailing all risk linkages.