To assess your risk, click on “Risk management” in the menu. Click on risk map and find the risk you wish to assess. You can choose a likelihood for the risk (very low, low, medium, high, very high), and add a comment (optional). It is possible to customize the assessment.
There are now five different options to set a response: Not applicable, Transfer, Avoid, Reduce, Accept.
You want to add a mitigating control?
If you choose Reduce as response to the risk, you have the opportunity to add a control as a mitigating action.
Add the appropriate control and select risk coverage. Click "Add control".
You can add multiple controls if needed. Click on the control title to view details concerning the control. You need a step by step guide on how to fit your riskmap? Go to Quickstart: Fit your first riskmap
If selecting avoid, transfer or not applicable, the residual impact and likelihood will automatically be removed.
From the heat map you’ll now be able to see your entity’s risk level and toggle between inherent and residual impact and likelihood.
You can sign off and conclude the risk assessment by ticking in the bottom right corner. The risk assessment will then be put in read only mode. You will be able to edit the assessment again by clicking on "Start reassessment".
The "Complete assessment" feature logs the last amendment of the assessment.
See risk assessment activity
When a risk has been assessed, you can see the assessment activity of the risk by clicking "Activity" in the top right corner. In the activity list you can get an overview of the actions made in the risk assessment, and you can jump to the date of the action to see the historical data of the risk.