Creating and Managing Risk Reviews

Learn how to create and manage a risk review in 6clicks

Table of Contents:

Creating a Risk Review

To create a Risk Review, (1) go to the Risk Register, (2) select the relevant risks and (3) click Create a Risk Review.

This will open a modal on the right-hand side.

This modal will summarise who are the Risk Owners of the selected Risks. Enter the following details and then click Create to proceed.

  • Risk Review Name - Mandatory, this will be seen by the Risk Owners and Review Owners
  • Description - Optional
  • Review Owners - Mandatory, Owners must have full access to the selected Risks
  • Start Date - Defaults to the current date
  • Due Date - Optional, will drive task notifications

Once created, the Review Owners and Risk Owners will be notified and guided to complete the Risk Review.

Please note:

  • Review Owners will have access to review all Risks within the Risk Review
  • Risk Owners will only have access to review their assigned Risks within the Risk Review

Risk Reviews and Workflow Rules

When using Risk Reviews, any rules set for Stage Access and Stage Requirements is overruled to allow for full access for reviewers to make changes to the linked Risks.

Managing an Existing Risk Review

To access a Risk Review, (1) go to Reviews and (2) click on the name of a Risk Review.

This will open the Risk Review. From here, there are a series of things that can be viewed/updated.

Editing Overview Details

To edit the Risk Review Overview details, click the on the right-hand side of the Overview tab.

Make any changes and click Save or Cancel at the bottom-right of the tab to proceed.

Adding/Removing Risks

To add or remove Risks to the Risk Review, (1) go to the Risks tab and (2) click Add/Remove Risks.

This will open a modal on the right-hand side showing Risks available within the Risk Register.

Please note: Only Risks that Review Owners have access to will show in the above screen.

Click the + icon next to Unlinked Risks to add them to the Review. Click the icon next to Linked Risks to remove them from the review.

Tips:

  1. Use the search bar to search for specific Risks
  2. Toggle between All and Linked Risks

Completing a Risk Review

As a Review Owner, you can access an assigned Review via the My Tasks page.

Click on the name of the Risk Review to continue.

Marking a Risk as Reviewed

Review Owners can review Risks alongside the Risk Owner.

This Section covers reviewing Risks as the Review Owner. See here for the article covering reviewing Risks as the Risk Owner.

Once within the Risk Review Overview (as shown above), go to the Risks tab.

From here, Risks can be marked as reviewed by checking the Mark as Reviewed checkbox on the right-hand side of the page.

Risks can also be reviewed from within the Risk itself. To do this, click the name of the Risk. This will open the Risk Overview page for this Risk.

A grey banner will appear at the top of the page. Click Show details to continue.

This will expand the banner to show details of the Review.

From here, Review Owners can:

  1. Use the dropdown next to the Review Name to cycle between different Reviews linked to the selected Risk
  2. Click on the Risk Tiles to cycle between Risks linked to the selected Risk Review
  3. Use the checkbox to mark the selected Risk as Reviewed

Please note: The Risk Review banner will appear when accessing Risks under review directly from the Risk Register.

Updating the Review Status

Review Owners can update the Review Status by using the Status dropdown in the Risk Review Details page.

The available statuses are:

  • New - The default status automatically set upon creating a Risk Review.
  • In Progress - The Review will automatically have this status once the first Risk has been marked as reviewed.
  • Completed - This status can be selected once the Review is In Progress. Not all risks need to be reviewed to allow this.
  • Closed - This status can be selected prior to the Review being completed as a way to cancel Reviews.

Once a Review is either Completed or Closed, Review Owners and Risk Owners will no longer be able to view and update the Review.

Auditing Risk Review History

To audit any changes made within a Risk Review, open the Risk Review Details page for that Review and go to the History tab.

This will show a full audit trail for any changes made during the Review. This includes (1) who made the change, (2) details of the change and (3) the time and date of the change.

Archiving/Deleting a Risk Review

To archive an existing Risk Review, (1) select the Review using the checkbox next to the Review Name and (2) click Archive at the top of the table.

Previously archived Reviews can be viewed by clicking the Archived filter (3). You are able to Restore or Delete Reviews once Archived.