You may wish to use this process to rate your risks if:
- You have an ad-hoc change to make to your risk rating in between required risk reviews.
- You have 'no review required' set-up on your risks (no notifications) and an active team in the Assurance system, regularly reviewing the risk register.
- This can count as a review if the risk is not overdue. The risk review due date will not update following this process, if it is overdue.
- To assess or re-assess a risk either Edit the whole risk or click on the pencil icon next to the risk matrix. If the risk is being created for the first time, move directly to the next step.
- Move the sliders to assess the risk. The definitions of Likelihood, Consequence and Control Effectiveness appear, and the Risk Rating will change based on the levels of likelihood and consequence selected. To view the full definitions, select the More button to the right.
- Below the assessment, Risk Review frequency fields can be edited if the setting has been activated in the risk template to allow for this.