Learn about risk management in 6clicks
Table of contents:
Introduction
You can find risks in 6clicks in many places, but they are centrally managed in the Risks module.
The Risks module includes Registers, Reviews, Libraries, and Workflow.
The 6clicks Risk Register is designed to support the full lifecycle of risk management, from creating risks, assessing risks to treating them.
6clicks also allows teams to identify and assess risks to gather an in-depth risk profile of the organisation, team or department. Risk identification can be done using the out-of-the-box 6clicks risk libraries which contain hundreds of risks across over forty risk domains (please contact support if you are interested in adding these libraries), or create your own risk libraries. Once identified, risks can be added to the registers directly or via the risk review process.
6clicks allows for flexibility in your risk management. This means that risks can also be attested to, linked or automated in QBAs or RBAs, reported on, measured using metrics, and more.
Risk Register
The 6clicks Risk Register allows you to manage the full lifecycle of risk. The risks register stores risks that have been identified from risk libraries, created on an ad-hoc basis, imported to the register, or created via assessments and assessment reviews.
Create Risks
To create a single risk in the Risks/Registers module, reference this article which discusses the creation of a single risk in the registers, and outlines the possible details and linkages (as illustrated in the image below) that can be created and managed.
For bulk importing risks into your registers, head here.
For creating risks in your risk libraries, so that they can be added to your registers if and when they need to be actioned, head here.
The risk registers are highly customizable, and so are their risks and risk assessments.
Risk can be linked to your internal policies and external standards, laws, and regulations. You can create these linkages manually, or by reviewing or responding to assessments.
Learn how to link risks to policies or standards by reviewing Question-Based Assessments (QBAs), or by responding to Requirement-Based Assessments (RBAs).
Treatment plans can be created and linked to risks for remediation management. These treatment plans can be linked to policies or standards to further illustrate their necessity.
Libraries
Risk libraries allow for a bank of risk templates to be pre-prepared for use in 6clicks. These are not live records and do not appear in the Risk Register. Libraries provide a way for organizations to define risk templates or logical risk collections, and then push these to the risk register if and when they occur. You can create these libraries at either the Hub level or the Spoke level. You can choose to share the risk libraries that you create at the Hub with your Spokes.
Create Risk Library
Create and use your own risk library by following the instructions in this article.
The 6clicks Risk Libraries include hundreds of risk templates covering over 40 risk domains. The risk library stores risks that may have a potential impact on the organization. Select the relevant risks from the risk libraries to add to your register.
Workflow
You can use risk workflow to manage a risk over its lifecycle to ensure effective management. Allow/disallow editing of certain fields, mandate fields to be completed, customize workflow stages and more with workflow.
Risk reporting
6clicks offers various risk reporting capabilities, including the below and more.
Illustrated below is an example of a populated Risk Matrix. You can create multiple matrices to visualize different aspects of your risks, or customize your matrix to suit the needs of your organization. Head here to learn more.
You will find more information on managing risks in your 6clicks environment in the articles located here.