
Glossary of terms: EQMS Risk Manager


Here are a few key terms from the EQMS Risk Manager module. For further terms, either use the in-site help guidance within EQMS or contact your system administrator.

Term Meaning

Action

A task, the details of which are stored in a record, having a short descriptor, an actionee (i.e. doer), a start date, a number of days allowed to complete, and a completed date. One or more Actions in sequence form a Workflow.

Approval

The process step in which a Risk is formally adopted if, after Assessment, it is decided it has to be managed – e.g. annually reviewed, mitigated.   

Approved

The fifth and final status given to a Risk. It follows status of Assessed.

Assessed

The fourth status given to a Risk following Under Assessment and preceding Approved.

Assessment

Process in which a Risk or threat is evaluated in terms of the Likelihood of it happening in a specified time period AND the Impact it will have.

Asset Type

A grouping of assets of a similar nature.  An attribute of a Risk, for analysis, reporting or management information purposes. 

Coordinator

The person responsible for the administration and management of Risk handling.

Detectability

A measure of the visibility of a threat – i.e. to what extent it can be predicted or, from the opposite point of view, is hidden.

Impact

The effect of a Risk or threat happening. Can be measured in any chosen terms (say cost, reputation, measure of health, quality of life, delay, etc.). To determine a Risk Score, each degree of Impact (Severity) has to have a numerical value.

Launch

The status given to a Risk at the time its details are being entered into the system.

Likelihood

The likelihood of a Risk or threat happening within a specified time period measured in percentage terms. This could be estimated or assessed in qualitative terms (say high, medium, low) before conversion to a numerical value.

Mitigation

An action taken, or set of actions undertaken, or measures instigated, that have the intended effect of reducing the Likelihood and/or Impact of a Risk.

Owner

The person with overall accountability for a specific Risk from Assessment through to Mitigation completion.

Phrase

Text (one or more words) which is placed on a screen form (as a title, label or tool tip) or in an email, modifiable by Users who are Risk Administrators.

Predictability

A measure of confidence associated with the timing (as opposed to probability) of a threat.  

Processed

The third stage and final Status in the lifecycle of a Risk Suggestion.

Raised

The first Status in the Lifecycle of a Risk Suggestion.

Risk

The term used to identify a threat to (e.g.) life, health, financial stability, profitability, efficiency, safety, quality, etc.

Risk Administrator

A user role with permissions to view, set up, change contents of, and delete any record in the application. Member of system group RSKADM.

Risk Category

A one-, two- or three-word indication of the general nature of a Risk or the area in which it could arise, which, if not sub-divided, may govern the criteria for assessing the impact of a Risk and the person or persons accountable for its Mitigation.

Risk Incident

An event, details of which may have been first recorded in Incident Manager, that is recorded because it is considered to expose a Risk which should be managed.

Risk Factor

The product of the Weights of Impact, Likelihood and Detectability.

Risk Level

An interpretation of Risk Score into High, Medium and Low.

Risk Manager

A user role with permissions to view, set up, change contents of, or delete any Risk Suggestion or Risk record in the application. Can view (only) the details of Risk Category records  and Risk Administration entity records. Member of system group RSKMGR.

Risk Register

A table of Risk records which include Risk attributes and associations with other entities (e.g. Assessments, Documents).

Risk Score

A value calculated from the Weights attributed to the Likelihood of Risk, the Impact of Risk and the Detectability of Risk. Often the calculation is a simple multiplication.

Risk Suggestion

A possible threat of loss, damage or injury, which it is suggested should be handled by Risk management.

Risk User

A user role with permissions to set up Risk Suggestions, and to view (only) the stored records of any/all Risk Suggestions, Risks and Risk Categories. Cannot see/access Workflow or Risk Administration records at all. Member of system group RSKUSR.

Settings

A number of values that govern the behaviour of Risk Manager.  Also known as Module Settings.

Severity

Rating for the degree or extent of Impact.

Status

An indicator of the stage of processing of a Risk Suggestion (Raised, Under Assessment, Processed) or a Risk (Submitted, Under Assessment, Assessed, Approved).

Submitted

The first status of a Risk.

Type

An attribute of an Impact, Likelihood or Detectability which groups together instances of these entities which are applicable to the Category of Risk.

Under Assessment

The third status in the Lifecycle of a Risk or a Risk Suggestion. For a Risk it follows Submitted and precedes Assessed. For a Risk Suggestion it follows Raised and precedes Processed. 

Weight

A numeric value, within a pre-defined allowable range, that applies to Impact, Likelihood and Detectability and indicates their respective importance when calculating a Risk Score and Level of Risk.

Workflow

A documented series of Actions. In the application there are workflows for processing Assessments, and for processing Risks with High, Medium and Low level Risk Scores. 
