Current Assessments for all four types of risks are conducted in the same way. The Current Strategic Risk Assessment process is shown below, whereby selections of Current Likelihood, Consequence and Effectiveness of Controls generates a Current Risk Rating. However before completing the Assessment, the Risk Controls are defined so that you can confirm the Effectiveness of them in their current form.
Please refer to the ‘Risk Controls’ section for more information on creating and managing your Risk Controls.
STEP 1: Specify the following details when completing a Current Risk Assessment.
|
|
The visibility of some fields can be controlled by the Risk Manager from Risk Framework>Risk Settings > Field Configuration area. |
|
Field |
Description/Instructions |
Mandatory/Optional |
Strategic |
Operational |
Project |
|
|
|
|
|
|
|
|
|
|
|
|
Current Assessment |
|
||||||
|
Effectiveness of Controls |
Select the Effectiveness of Controls Rating from the dropdown list provided. NOTE: Effectiveness of Controls Ratings is defined by the Risk Manager within Risk Settings. |
Mandatory NOTE: The Risk Manager can activate this area from within Risk Settings. If deactivated, this field will not show. |
|
|
|
|
|
|
Consequence |
Select a consequence rating by clicking the ‘Select’ button. This will allow a pop up window to show for you to select the consequences based on the category description. This is called the consequence table to help you identify ‘consequence of the risk’. Users can simply click the relevant cell to select a consequence. This grid is defined and maintained by the Risk Manager from within Risk Settings. |
|
|
|
|
|
|
|
Likelihood |
Select a Likelihood by clicking on the ‘select’ button. This will allow a pop up window to show allowing you to select a likelihood based on a description to help you identify it. NOTE: The Likelihood list is defined by the Risk Manager within Risk Settings. Users can simply click the relevant cell to select a Likelihood. This grid is defined and maintained by the Risk Manager from within Risk Settings. |
Mandatory |
|
|
|
|
|
|
Risk Treatment and Solutions |
|
||||||
|
Risk Treatment Plan Options |
Select whether you want to Accept, tolerate the risk. You can also select if the risk exceeds Tolerance limit. |
Optional |
|
|
|
|
|
|
Risk Actions |
Add risk actions by simply typing the Risk Action title, linking it to a responsible officer, Business Unit, Start and end Date, Review frequency, giving it a Action Status and % complete. To save and add this to the table, click on the adjacent add icon. See below for further details. |
Optional |
|
|
|
|
|
Risk Actions
Risk actions are entered against a risk if you are required to put other actions in place in order to mitigate the risk further (in addition to the current controls that you may have in place). If the effectiveness of the current controls is weak, then risk actions should be identified in order to action on reducing the risk or may feed into creating a new control. Adding risk actions are however optional when completing a current risk assessment.
Build your risk actions through the table specified. Ensure you fill out the mandatory fields which are highlighted with a red astricts.
|
Field |
Description/Instructions |
Mandatory/Optional |
Strategic |
Operational |
Project |
|
Risk Action |
Risk Action title |
Mandatory |
|
|
|
|
Responsible Officer |
Assign a Responsible Person who will be responsible for monitoring and reporting on the status of the risk action. This will enable a link to this Risk Action to display on the designated person’s homepage. Dropdown shows staff list for selection. |
Mandatory |
|
|
|
|
Business Unit |
Assign a Business Unit for this risk action. This is the Business Unit where the action should sit within. |
Mandatory |
|
|
|
|
Start Date |
Select a start date to which this action is due to start. Click on the calendar icon to select the date within the calendar. |
Mandatory |
|
|
|
|
End Date |
Select an end date to which this action is due to complete. Click on the calendar icon to select the date within the calendar. |
Mandatory |
|
|
|
|
Review Frequency |
Select a frequency in the drop down which the action needs to be reviewed and updated. |
Mandatory |
|
|
|
|
Action Status |
Select the current action status. Generally all actions will start off in a ‘Not Started’ state. |
Mandatory |
|
|
|
|
% Completed |
If the action status is ‘Not Started’, then leave the % complete as 0. If the Status is ‘in Progress’ then ensure you enter in a % complete value between 1 – 99. |
Mandatory |
|
|
|
|
Control Title |
If an action is linked to one of your controls, you may link the control through this area. Note: risk actions can also be created and linked through the risk controls section. |
Optional |
|
|
|
Ensure you click on the ‘add’ 
button to add your risk action to the table before you save.
STEP 2: Click on the 'Save' 
button once you have completed all required fields on the page.
After saving, an image will appear which shows the Calculated ‘Current’ Risk Rating.
|
|
After the Current Risk Assessment is saved, the Impact and Likelihood and fields in the Initial Risk Assessment are locked and cannot be edited, unless changed within the Framework> System Settings. However, to alter the Impact and Likelihood fields in the risk assessment, further Current Risk Assessments can be conducted. Modifications to these assessments can be traced using the History icon. |
Copyright © 2014-2015 CAMMS Online Help. All rights reserved.
Last revised: September 23, 2018
