The risk criteria screen allows you to configure and manage Risk Criteria which is the terms of reference (standards, measures, or expectations) used in making a judgement or a decision on the significance of the risk to be assessed.

• STEP 1: Select the Risk Criteria tab.

Open

Figure 1.1

• STEP 2: To define a new criteria record, enter a name, a short code and a description. This description will display when users hover their cursor over this in the risk assessment area where the selection for this criteria record will be made.

• STEP 3: Under Visibility, select the assessment phases for which risk rating calculations the criteria should be used. For example, Likelihood and Consequence are often used for initial assessments, whereas Effectiveness of Controls is also often used in the current assessment (along with Likelihood and Consequence) when completing a review.

• STEP 4: The Sort field indicates the positioning of the Risk Criteria in the available assessment phases. If two or more fields have the same ‘Sort’ value, they will appear in alphabetical order.

STEP 5: Click the add icon to save.	Open
STEP 6: To edit an existing item, click on the edit icon. Then to save, click on the update icon.

When a Risk Criteria record is saved, the name turns into a hyperlink which can be clicked to navigate directly to its Risk Criteria Rating screen.

The Appetite Benchmark values against each category can be defined here if the feature is enabled for you.

• STEP 1: To define a new criteria record, enter a name and a numerical value for the criteria which will be the benchmark. This value will be used to determine the appetite rating comparison with the risk score for the risk. Click on Add to save.