Reviewing a Risk

A risk may only be maintained by its author, owner, a coordinator or an administrator.

  1. Go to the Home page of the site .

  2. Select the organisation unit of the risk/issue from the side menu.

  3. Find the risk/issue in the risk list and click on it's title.  You may need to use the vertical scroll bars to see the whole list.

  4. The selected risk is then displayed in a tabbed page.  If you are the author or owner of the risk/issue or if you have co-ordinator or administrator access over the organisation unit, the risk/issue maintenance page will be displayed and you will be able to make changes.  Otherwise a read-only version of the page is displayed.  See Viewing a Risk.

  5. Make any changes to the basic risk/issue details on the Detail tab.  If you change the Owner an email will be sent to the new owner.  If you try to close a risk whilst it still has open actions a pop-up message will appear.  If you convert a risk to an issue its Likelihood rating will be set to 5 and the Overall Rating amended accordingly.  Converting a risk to an issue will not automatically affect its Likelihood rating but you may go to the impact tab and change it if you wish.

  6. Click on the Impact tab  and make any changes to the impact ratings or to theEscalation Level.  If you change the financial rating and have enter details on the Value tab you will be prompted to alter the values in line with the new rating.  If you wish to remove a rating click the associated clear link.  If you need guidance on what ratings to set click the help links .

  7. Click on the Controls tab .

  8. Click on the Action Plan tab .  There is a tick box on the Action Plan tab which allows completed actions to be shown or hidden from view.  This allows current actions to be seen more easily when the number of completed actions would cause a scroll bar to appear.  The default setting for this tick box depends on your overall system settings.  If you have administrator access you may remove an action by clicking the delete link next to its title.

  9. Click on the Audit tab .  A narrative entry may be added to the audit log by clicking the Create Audit Entry button .

  10. Click the Submit button .

An audit trail of changes is maintained by the system so that administrators can see when material changes have been made to the risk records.

Note

  • When the organisation unit is changed the applicable keywords and impact criteria may also change.  If a keyword which has been selected for the risk is no longer applicable a warning will be given.  Likewise, any impact criteria which are no longer valid will be displayed in a pop-up warning.

  • If the administrator has changed the keywords applicable to an organisation unit since the risk/issue was lasted reviewed you may see a warning indicated that some keywords are no longer valid.  Invalid keywords may be left attached to the risk but can be removed by simply bringing up the keywords pop-up and clicking ‘OK’ without necessarily making any other changes.

  • Actions may only be deleted by those with administrator access.

  • Controls may only be deleted by those with administrator access.

  • The system will ensure that a person will only receive one email regarding a risk/issue for each set of changes..

  • Clicking the print link in the toolbar will display an individual risk report based on the current risk or issue.