Risk Management

Last updated on 

Risk Management

The Risk Management module offers a centralized platform to identify, filter, and manage organizational risks. Users can review risks by category, treatment, assignment status, ownership, or name. The module ensures consistent risk tracking and effective remediation monitoring.

Filtering Risks by Category

This feature enables users to view risks by category, allowing them to focus on specific types such as operational, technical, or compliance risks.

  1. Open the Risk Management page.
  2. Select the category filter option.
  3. Choose the desired risk category.
  4. Review the filtered risk list on the screen.

Filtering Risks by Treatment Type

This feature enables users to filter risks by treatment approach and monitor how each risk is managed.

  1. Access the Risk Management page.
  2. Select the treatment filter.
  3. Choose the appropriate treatment type.
  4. Review the filtered risks.

Filtering Risks by Assignment Status

This feature lets users filter risks by assignment status, making it easy to identify unassigned risks that need an owner.

  1. Open the Risk Management page.
  2. Select the assignment status filter.
  3. Choose the desired status.
  4. Review the filtered list of risks.

Filtering Risks by Assigned Employee

This feature enables users to view risks assigned to a specific employee, supporting accountability and workload assessment.

  1. Open the Risk Management page.
  2. Select the employee filter option.
  3. Choose the desired employee from the list.
  4. Review the assigned risks for the selected employee.

Searching Risks by Name

This feature lets users quickly locate specific risks by name, which is especially helpful when managing large risk registers.

  1. Open the Risk Management page.
  2. Select the search field.
  3. Enter the risk name or keyword.
  4. Review the displayed search results.

Risk Library

The Risk Library is a centralized repository of predefined risks that can be reused throughout the organization. It promotes consistent risk identification by providing standardized entries aligned with security, privacy, and compliance practices. The Risk Library also reduces manual effort and ensures uniform risk descriptions in the risk register.

Viewing the Risk Library

This section outlines how to access and review risks in the Risk Library.

  1. Open the Risk Management module from the main navigation.
  2. Select the Risk Library submenu.
  3. Review the displayed list of predefined risks.
  4. Scroll through the list to view available risk entries.

Searching Risks in the Risk Library

This feature enables users to search for risks by name or keyword.

  1. Go to the Risk Library page.
  2. Click the search field.
  3. Enter the risk name or keyword.
  4. Review the search results.

Filtering Risks in the Risk Library

This feature enables users to filter risks by attributes such as category or risk type.

  1. Open the Risk Library page.
  2. Click the filter option.
  3. Select the appropriate filter criteria.
  4. Review the updated list of risks.

Viewing Risk Details from the Risk Library

This feature enables users to access detailed information about a selected risk.

  1. Go to the Risk Library page.
  2. Select a risk from the list.
  3. Select the risk detail view.
  4. Review the risk description and associated details.

Adding Risks from the Risk Library to the Risk Register

This feature enables users to add predefined risks directly to the Risk Register.

  1. Go to the Risk Library page.
  2. Select the relevant risk entry.
  3. Click Add to Risk Register.
  4. Confirm your selection.
  5. Review the added risk in the Risk Register.

Maintaining Consistency Using the Risk Library

The Risk Library supports standardized risk management practices by ensuring consistent risk naming and descriptions across the organization.

We recommend using risks from the Risk Library to maintain consistency and avoid duplication when managing risks at scale.

Risk Reports

The Risk Reports module offers both summary and detailed views of risk data to support monitoring, analysis, and reporting. Users can review risk status, trends, and remediation progress in a structured format for internal review and decision making.

Accessing Risk Reports

This section outlines the steps to access the Risk Reports module.

  1. Open the main navigation menu.
  2. Select the Risk Management module.
  3. Select the Risk Reports submenu.
  4. Review the available risk reports.

Viewing Risk Summary Reports

This feature offers a concise overview of all recorded risks.

  1. Open the Risk Reports page.
  2. Select the risk summary view.
  3. Review the total number of risks and their status distribution.
  4. Use the summary to identify areas that need attention.

Viewing Risk Status Reports

This report presents risks organized by their current status, such as open or mitigated.

  1. Open the Risk Reports page.
  2. Select the risk status report.
  3. Review risks categorized by status.
  4. Identify risks that require follow-up actions.

Viewing Risk Treatment Reports

This report offers an overview of risk treatment approaches used throughout the organization.

  1. Access the Risk Reports page.
  2. Select the risk treatment report.
  3. Review risks by treatment type.
  4. Assess whether treatments align with the organizational risk strategy.

Viewing Risk Ownership Reports

This report presents risks according to assigned ownership.

  1. Access the Risk Reports page.
  2. Select the risk ownership report.
  3. Review risks organized by responsible owner.
  4. Identify workload distribution and any ownership gaps.

Using Risk Reports for Review and Decision Making

Risk Reports facilitate structured reviews and continuous monitoring of risk posture.

Note: Risk Reports are intended for monitoring and review purposes and do not replace detailed risk analysis performed in the Risk Register.

Risk Attachment

The Risk Attachment feature enables users to link supporting documents to individual risks, ensuring all related evidence is stored and accessible in one location for documentation, traceability, and audit readiness.

Accessing Risk Attachments

This section outlines how to access the attachment area for a specific risk.

  1. Go to the Risk Attachment module.
  2. Select a risk from the list or register.
  3. Open the risk details page.
  4. Navigate to the attachment section.

Uploading Risk Attachments

This feature enables users to upload files associated with a specific risk.

  1. Go to the Risk Attachment module.
  2. Click + Add Report
  3. Select a file from your device and fill the fields.
  4. Confirm the upload.
  5. Ensure the file appears in the attachment list.

Viewing Risk Attachments

This feature enables users to review uploaded attachments.

  1. Go to the Risk Attachment module.
  2. Access the attachment section.
  3. Select an attachment from the list.
  4. Open or download the selected file to review its contents.

Downloading Risk Attachments

This feature enables users to download attachments for offline access.

  1. Navigate to the attachments section on the Risk Attachment module.
  2. Click download button on an attachment card.
  3. Save the file to your device.

Managing Risk Attachments

This feature enables basic file attachment management.

  1. Open the risk attachment module.
  2. Review the list of attached files.
  3. Delete outdated or incorrect attachments if allowed.
  4. Confirm your changes to update the list of attachments.

Using Risk Attachments for Audit Support

Risk attachments provide supporting evidence for risk identification, assessment, and treatment activities.

Please upload relevant and current documents to ensure audit readiness and accurate documentation.