Policy and Procedure Intelligence.
Let our AI engine help you build your policy and procedures guide, so you can be up and running in minutes.
RISK MANAGEMENT
Many policies and procedures are instituted in order to reduce risks in an organization. For example, procedures may specifically include certain safety checks in order to reduce the risk of accidents occurring. Or perhaps you have a data protection policy in order to mitigate against liability for a client data breach.
Risk Management Module
The Risk Management module allows you to track risks and threats to the success of your organization, along with the mitigations you've added to thwart those risks.
To make sense to the approach of writing certain policies and procedures from a risk perspective, we have incorporated an optional Risk Management module into our platform, that helps you pinpoint, analyze and mitigate risks across your organization, as an on-going initiative.
Tip: You can also regularly review any recent incident reports to determine future risks that need mitigation.
An effective risk management program can be extremely valuable, protecting your organization from threats and helping to maintain stability.
In this section we'll run through the features of the Risk Management module, and help you make the most of them.
Note: The Risk Management features can only be seen by users who have "Risk Analyst" setting set to Yes. Please contact an administrator to have this switched on for your user. Administrators will always see the risk management features
Risk Register
The Risk Register is a collection of risks that you have identified and want to track. You can have multiple risk registers, for different aspects of your business, such as different departments, or even specific ventures or projects. The risks in that particular register are usually related in some way.
You can add risk registers either manually, or you can generate a risk register using AI or download a sample from a library. When downloading samples from the library, you can also set them to update automatically, which means you will receive new risks as they are added to the library. Note: you will not receive updates to a risk after a mitigation is added.
Here you will enter the risk register name (the "Category"), along with an optional summary. You can also enter in the target review frequency, which is how often you intend to review the risks.
If you specify an Approver user, then that user will have to approve any changes that are made to risks in that particular registry. If you leave it blank, then any Risk Analyst user will be able to edit those changes without seeking approval.
Once you add the register, it will appear in your list of registers when you click on that tab.
Each risk register is color coded to indicate the degree that its risks are mitigated. This is also displayed in a chart within the tile.
Clicking a risk register will take you to the list of risks.
Generating Risks with AI
You can also generate risk registers using AI to assist you.
When you click on the Risk Register tab, you'll see a link for generating a risk register. Click that and you'll see a form like this:
In there you can enter in the area you wish to explore the risks for. For example, you may enter in "Accounting department risks". Then click OK and it will send the information to the AI engine to construct a list of typical risks for the specified risk area. It will generate around 20 risks.
Once generated, it'll take you to the risk register where you can see what it has generated. You can then modify the risks, including adding new risks, deleting unnecessary risks or updating the existing risks, as you see fit.
Keep in mind that these are unmitigated risks. You then need to go into each risk and add a mitigation, such as linking the mitigation to a policy in your site.
If you decide you don't want the risk register that was generated, go to What's Next and click "Remove". You can then generate it again using the same technique, modifying the risk area as required.