Leave Feedback

Appendix

Navigation and Control Icons

Navigation and control within the application is by action icons. These icons are unlabelled but tool tips are revealed when you hover the mouse pointer over them. The icons used and their meanings are as follows:

Description Icon Description Icon

Assessed

New version of a risk

Add new

Return

Cancel

Run search

Clear filters

Save form contents to database

Clone a Risk

Select User

Delete Risk

Show less filters

Decrease sequence number

Show more filters

Generate Report

Undo data entries to screen form

Increase sequence number

Upload document file to store

Kick off workflow

View Audit Trail/History

Link a Document

View document

 

E-mails and Notifications

Here is a complete list of Emails and Notifications triggered by the system.

Trigger Received By Email Message

When a Risk is raised

 

 

When a Risk Factor is calculated (which happens on the Save of a Risk record) and the Risk Factor is High

The Risk Type Owner and all users in the Risk Type owning group (if such a group is identified)

 

When an attempt is made to set a Risk’s status to Approved and the Risk Owner is not the Owner of the Risk’s Type

The Risk Type Owner and all users in the Risk Type owning group (if such a group is identified)

 

 

When a Workflow is Kicked Off

The Actionee of the first Action in the Workflow

 

When follow-up Actions are issued

Actionee

 

When a Risk Suggestion is created

User who suggested Risk. Also sends the user responses to the suggestions

 

When a suggested Risk is moved to Under Assessment

User who suggested Risk. Also sends the user responses to these suggestions

 

 

When a Risk is evaluated as “high”

If the Risk Type owner is not the session user, they are sent an email to notify them of evaluation

 

When a Risk changes ownership

New Risk Owner (unless they are the current session user)

 

If a Risk needs to be approved

Risk Type Owner

(Unless Risk Type Owner is the person who passed the risk to approval stage)

 

If an item is linked or unlinked in the associated item screen

Owner of the associated item

 

 

Glossary

Term Definition

Action

A task, the details of which are stored in a record, having a short descriptor, an Actionee (i.e. doer), a start date, a number of days allowed to complete, a completed date. One or more Actions in sequence form a Workflow.

Approval

The process step in which a Risk is formally adopted if, after Assessment, it is decided it has to be managed – e.g. annually reviewed, mitigated.

Approved

The fourth and final status given to a Risk. It follows the status of Assessed.

Assessed

The third status given to a Risk following Under Assessment.

Assessment

Process in which a Risk or threat is evaluated in terms of its Likelihood of it happening in a specified time period AND the Impact it will have.

Asset Type

A grouping of assets of a similar nature. An attribute of a Risk, for analysis, reporting or management information purposes.

Coordinator

The person responsible for the administration and management of Risks handling.

Detectability

A measure of the visibility of a threat – i.e. to what extent it can be predicted or, from the opposite point of view, is hidden.

Impact

The effect of a Risk or threat happening. Can be measured in any chosen terms (say cost, reputation, measure of health, quality of life, delay, etc.). To determine a Risk Score, each degree of Impact (Severity) has to have a numerical value.

Launch

The status given to a Risk at the time its details are being entered into the system.

Likelihood

The likelihood of a Risk or threat happening within a specified time period measured in percentage terms. This could be estimated or assessed in qualitative terms (say high, medium, low) before conversion to a numerical value.

Metadata

A set of data that describes and gives information about other data. Additional fields for collecting information in the Risk Details screen.

Mitigation

An action taken, or set of actions undertaken, or measures instigated, that have the intended effect of reducing the Likelihood and/or Impact of a Risk.

Owner

The person with overall accountability for a specific Risk from Assessment through to Mitigation completion.

Phrase

Text (one or more words) which is placed on a screen form (as a title, label or tool tip) or in an email, modifiable by Users who are a Risk Administrator.

Predictability

A measure of confidence associated with the timing (as opposed to probability) of a threat.

Risk

The term used to identify a threat to (e.g.) life, health, financial stability, profitability, efficiency, safety, quality, etc.

Risk Administrator

A user role with permissions to view, set up, change contents of, and delete any record in the application. Member of system group RSKADM.

Risk Type

A one, two or three words indication of the general nature of a Risk or the area in which it could arise, which if not sub-divided, may govern the criteria for assessing the impact of a Risk and the person or persons accountable for its Mitigation.

Risk Incident

An event, details of which may have been first recorded in Incident Manager, which are recorded because it is considered to expose a Risk which should be managed.

Risk Factor

The product if the Weights of Impact, Likelihood and Detectability

Risk Level

An interpretation of Risk Score into High, Medium and Low.

Risk Manager

A user role with permissions to view, set up, change contents of, or delete any Risk record in the application. Can view (only) the details of Risk Type records and Risk Administration entity records. Member of system group RSKMGR.

Risk Register

A table of Risks records which include Risk attributes and associations with other entities (e.g. Assessments, Documents)

Risk Score

A value calculated from the Weights attributed to the Likelihood of Risk the Impact of Risk and the Detectability of Risk. Often the calculation is a simple multiplication.

Risk User

A user role with permissions to view (only) the stored records of any/all Risks and Risk Types. Cannot see/access Workflow or Risk Administration records at all. Member of system group RSKUSR.

Settings

A number of values that govern the behaviour of Risk Manager. Also known as Module Settings.

Severity

Rating for the degree or extent of Impact.

Status

An indicator of the stage of processing of a (Submitted, Under Assessment, Assessed, Approved) The first status of a Risk.

Submitted

The first status of a Risk.

Tags

Simple identifiers used to help organise risks

Tooltip

A tooltip is the text that is revealed when the mouse is hovered over an icon, link or metadata form

Type

An attribute of an Impact, Likelihood or Detectability which groups together instances of these entities which are applicable to the Type of Risk.

Under Assessment

The second status in the Lifecycle of a Risk. For a Risk it follows Submitted and precedes Assessed

Weight

A numeric value within a pre-defined allowable range, that applies to Impact. Likelihood and Detectability that indicates the respective importance when calculating a Risk Score and Level of Risk.

Workflow

A documented series of Actions. In the application there are workflows for processing Assessments, and for processing Risks with High, Medium and Low Level Risk Scores.