Risks
1. Introduction
Welcome to the Risks Overview page, your central hub for monitoring and managing all risk-related activities within your organization. Here, you can effortlessly navigate through active and archived risks, refine your search with intuitive filters, and swiftly add new risks to your registry.
2. Risk Overview
2.1 Navigating the Overview
Risks Programs, Risk Matrix & Archived Risks: Easily toggle between current and historical risks to maintain a comprehensive understanding of your risk landscape.
Adding Risks: Simplify risk entry with the '+ Add Risk' button, streamlining the process of risk documentation.
Pin or archive an entity: Use the 'three dots' icon to pin or unpin an entity in the overview or to archive an entity. Archived entities are accessible under the 'Archived Entities' tab.
Pin, unpin or archive an Risk
2.2 Risk Matrix
The Risk Board is a feature within our application designed to make the risk management process easier and more effective. It allows users to create risk placeholders and perform detailed Risk Analyses. This allows organizations to gain a better understanding of the impact and likelihood of risks to their organization.
2.3 Archived Risks
Archived risks can be found in the Archived Risks tab. Archived risks no longer play an active role and therefore do not consume any elements, but are still part of the ongoing risk and reporting processes. In particular, this archiving function is intended to provide a clear and up-to-date view of the companies with which you are working, without losing historical data. It is not possible to restore archived items to the active list.
3. Adding a New Risk
Creating a new risk is a straightforward process designed to capture essential information quickly while allowing for detailed configuration when needed.
3.1 Initial Risk Setup
Basic Information: Start with the name, a short name, and an icon to represent the risk visually.
Impact and Probability: Optionally, specify the initial impact and probability levels to prioritize risks effectively. The values are used to determine urgency in Risk Events.
3.2 Configuration Wizard
Embark on a guided journey to fully configure your risk with the 'Configure Risk' button, leading you through critical steps from basic details to comprehensive risk management.
3.2.1 Risk Basic Details
Establish the foundation with key information about the risk.
3.2.2 Template Selection
Risk templates are an essential tool for any organization looking to streamline the risk management process. These pre-configured templates are designed to help users efficiently prepare risk. They contain predefined content, such as texts, controls and a specific layout, allowing risks to be documented in a structured and uniform manner.
3.2.3 Scope Definition
The Scope Description helps align the scope with the context of the organization by describing the purpose and impact, and including a general description of the risk. Match the scope to your organization's context, describe the purpose, consequence and include a general description of the Risk.
3.2.4 Applied Controls
Risk controls are the backbone of effective risk management, applied in a structured and organized manner to help your organization identify, assess, and manage risks in your supply chain. Review risk controls directly linked to the risk. View details to learn more about the relevance of control to risk.
3.2.5 Related Risks
Related risks are linked to form a holistic risk picture, which is essential for an integrated approach to risk management. Connect interrelated risks for a holistic risk view.
3.2.6 Affected Entities
Activate the risk so that it becomes active, thus the risk can be used when configuring other items or reporting events. Related risks connect for a holistic risk picture, which is essential for an integrated approach to risk management.
3.2.7 Involved Participants
Key individuals involved in risk management are identified, and assigning a "Primary Participant" is critical to establishing clear responsibility and leadership for the risk. Identify key personnel associated with risk management.
3.2.8 Summary and Activation
The summary page provides a graphical overview of the risk. Click on various elements in the summary for direct access to specific screens where you can view more details and make adjustments as needed.
Activate the risk so that the risk can be used when configuring other items or reporting events. Clicking the Activate Risk button activates the risk, the bullet turns green as an indicator.
4. Risk Matrix
4.1 What is the Risk Board?
The Risk Board is a feature within our application designed to make the risk management process easier and more effective. It allows users to create risk placeholders and perform detailed Risk Analyses. This allows organizations to gain a better understanding of the impact and likelihood of risks to their organization.
4.2 How does the Risk Board work?
The Risk Board provides multiple functions to manage risk:
Risk Placeholders: Users can create risk placeholders to identify and capture specific risks. These placeholders contain information about the risk, such as its name, description, and potential impact and probability.
Risk Analysis: Users can place Risk Cards on the Risk Board and then position them in the Risk Matrix. This allows them to determine the impact and probability of the risk to the organization.
Risk Tolerance Slider: The Risk Tolerance slider is a handy tool that allows users to indicate the tolerance for each risk. This provides insight into how much risk the organization is willing to accept.
4.3 Benefits of the Risk Board
The Risk Board provides several benefits:
Overview and management: It provides organizations with an overview of ongoing risks and their positioning on the risk matrix. This allows risks to be managed and monitored more effectively.
Risk Analysis: Users can perform detailed risk analysis to identify critical risks and take appropriate action.
Decision-making: Enables management teams to make informed decisions based on a clear picture of the organization's risks.
Understanding Tolerance: The risk tolerance slider provides insight into the organization's risk tolerance, which is important for determining acceptable risk levels.
The Risk Board is a powerful tool that can help your organization proactively manage risk and optimize business performance.
5. Maximizing the potential of ‘Risks’
It's about moving beyond identifying and cataloging risks to actively managing them. This means regularly updating risk assessments, integrating risk management into daily operations, and fostering a culture of risk awareness throughout the organization. Effective use of risk leads to better decision making, improved operational resilience and a more proactive approach to potential threats.
Participants can be assigned to specific risks, fostering collaboration and ensuring that each entity is appropriately monitored and managed.
Risk analysis and prioritization: Use advanced data analysis tools to assess and prioritize risks based on impact and likelihood. This helps you allocate resources to the most critical risks.
Risk Mitigation Actions: Implement specific actions or strategies to reduce identified risks. These can range from technical solutions to organizational changes. Controls help you put the right management actions in place. The details of a control are accompanied by control questions to help you.
Risk Communication: Develop a clear communication strategy to keep all stakeholders-from employees to top management-informed about risks and actions taken to control them. In riskstudio, you can assign a primary contact to risks and entities so there is a designated point of contact and/or accountability.
Incident Management Integration: Integrate risk management with incident management tools to quickly identify, analyze and respond to incidents that occur, providing a holistic view of risks and incidents. Leverage RiskStudio's reported events and event triage capabilities for notification, review and conversion to risk events.
Risk awareness and training: Provide regular training and awareness programs to ensure employees understand the risks the organization faces and how they can help mitigate them.
Continuous Monitoring and Auditing: Establish a process for continuous monitoring of the risk landscape and regular review of risk assessments to ensure that risk management remains current with the changing external and internal environment.
6. Frequently Asked Questions (FAQs)
Q: How do I navigate between active and archived risks on the Risks Overview page?
A: You can easily toggle between active and archived risks using the available tabs or filters. This helps you maintain a comprehensive view of both current and historical risks within your organization.
Q: What is the first step when adding a new risk?
A: When adding a new risk, you begin by entering basic information such as the name, a short name and an icon to visually represent the risk. This helps to quickly capture essential information about the risk.
Q: Can I specify the impact and likelihood of a risk during initial setup?
A: Yes, you can optionally specify initial impact and probability levels to effectively prioritize risks. These values are used to determine urgency in risk events.
Q: How can I fully configure a risk?
A: You can start the configuration process by clicking the ‘Configure Risk’ button. This guides you through critical steps, from basic details to comprehensive risk management, via a guided journey.
Q: What does the 'Applied Controls' feature mean during risk configuration?
A: 'Applied Controls' allows you to view the risk controls directly associated with the risk. This allows you to learn more about the relevance of the control to the risk. For more information see the Risk Control page.
Q: How do I involve operating entities and participants in managing a risk?
A: You can assign operational entities affected by the risk and identify key personnel involved in risk management. Assigning a "Primary Participant" is essential for establishing clear responsibility and leadership for the risk.
Q: What is the importance of regularly updating risk assessments?
A: Regularly updating risk assessments is critical to ensure that risk management is integrated into daily operations and to foster a culture of risk awareness throughout the organization. This leads to better decision-making, improved operational resilience and a more proactive attitude toward potential threats.