Adding and managing risks
After your organization has configured the Risk Manager solution you can begin building your risk library. While risk types vary by industry, operations, and regulatory environment, the process of adding and assessing risks follows a structured and repeatable workflow. Each risk must be identified, associated to related entities, and assessed. Then, your organization can decide the best method to prioritize and mitigate those risks.
Add a risk to Risk Manager
Use Risk Manager, to track and manage risks by recording key attributes, statuses, and relationships.
Example
Scenario
You are a Risk Manager at a manufacturing company. Due to recent global disruptions, there’s a growing likelihood of supplier delays. You decide to capture this as a high-priority operational: Supply Chain Disruption.
Process
Open the Risk Manager app, add a new risk - Supply chain disruption, and save the risk.
For detailed steps, see Working with risks
Result
The risk (Supply chain disruption) is saved with the status Draft.
Identify and validate the risk
After creating the draft, you can add additional information and move it forward in the workflow. You can enter essential information about the risk and move it to Identification and then Analysis status.
Example
Scenario
You've added the risk (Supply chain disruption). Now you want to identify and validate it so your can begin assessments and mitigation planning.
Process
Open the draft risk in Risk Manager. Add critical information and move the risk through statuses Identification and then Analysis.
For detailed steps, see Working with risks
Result
The risk has all the required information and is an identified and validated risk in your organization, ready for further assessment and control planning.
What's next?
After your risks are identified and validated, you can start associating them with controls. To continue, see Adding and managing controls.
