Assurance supports three types of risk matrices. By default, your Assurance site is set up with a one risk matrix. You can customise the risk matrix setup to suit your organisation's risk framework. Your chosen risk matrix setup will be used across all register templates with the risk assessment field.
In this article, you will learn about:
Setting Up the Enterprise Risk Matrix
Risk Matrix Field | Description |
---|---|
Risk Matrix Type |
Select the Risk Matrix Type, that your organisation's risk framework uses from the following options:
|
Control Rating |
Also known as control effectiveness. This is the rating for the controls on a particular risk. If you organisation's risk framework uses Control Rating, you can enable this by selecting Control Rating to Yes to rate the controls for a risk. |
Target Risk |
Also known as risk tolerance, risk appetite or acceptable risk level. This allows you to determine the maximum amount of risk that is acceptable to the organisation. If your organisation's risk framework uses Target Risk, you can enable this by selecting Target Risk to Yes to set the desired optimal level of risk. When a user is assessing a risk, they will see the Target Risk slider, which allows them to set the Target Risk. Target Risk will enable you to generate reports such as the Risk Gap Report and view snapshots such as the Risk Gap. |
Risk Rating |
Once you have selected the Risk Matrix Type, you can configure the risk matrix to reflect your organisation's risk framework. Select on the cells of the matrix to adjust the risk rating associated with that particular level of likelihood and consequence. Select on the blue tick to save changes. |
Comments
0 comments
Please sign in to leave a comment.