Assessing inherent risk
Assess the risk that exists when no controls or other mitigating factors have been put in place.
Before you start
Before you can assess inherent risk, you must do the following:
- identify and associate strategic objectives and operating segments see Setting up your Strategy Map
- develop assessment criteria see Configuring risk scoring settings
- identify risk within your company see Importing and adding risks
How it works
Inherent risk is a calculation that derives from an assessment of an untreated risk. You assess inherent risk based on the risk scoring framework defined by your company.
Assessing inherent risk involves:
- associating risks with strategic objectives defined in the Strategy Map
- assessing risk across all operating segments on multiple risk scoring factors
Once you specify scores, the Strategy app automatically calculates the inherent risk.
Permissions
Only Strategy Admins or Oversight Executives can assess inherent risk.
Steps
Note
- Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
- If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.
Navigate to the Assessment tab
- Open the Strategy app.
- Do one of the following:
- In the Risk Profile, click the risk you want to assess.
-
Click the Assessment tab if it does not open by default.
Apply tags to a risk
If a Strategy Admin or Oversight Executive has created tags, you can apply those tags to risks. Then, you can use those tags to filter risks on the Risk Profile, Risk Heatmap, and Strategy Heatmap.
- To create a new tag to apply to the risk, click in the Risk Tags field, enter a name for the tag, and press Enter.
- To apply an existing tag to the risk, click the Risk Tags field and select the appropriate tag(s).
- To remove a tag from the risk, click next to the tag name.
Associate a risk with strategic objectives
Assess the risk
- Specify a score using the 3, 5, 10 point or a custom scale to assess the risk across operating segments. You can automate risk assessments using assessment drivers. For more information, see Automating strategic risk assessments.Tip
You can use the following keyboard shortcuts:
- Edit a score Select value + # ("1-9" for points values between 1-9, and "0" for a point value of 10).
- Navigate forwardTab
- Navigate backwardsShift +Tab
- Exit from Assessment tabEsc
- Optional. To clear a score, click the appropriate score and select Clear.Tip
To quickly clear a score, click the appropriate score and press X, Delete, or Backspace on your keyboard.
- Repeat steps 1-2 for each risk scoring factor.
Comment on a risk, attach a file, or view history
Move the risk to the Accept or Mitigate state
Optionally, you can complete one of the following actions.