Risk Creation, Edit and Approval Process in SysRisk
In SysRisk, the process of risk creation is the cornerstone of risk management. However, creating a risk entry is just the first step; for it to be considered active and operable data, the risk entry must be approved. This document outlines the steps involved in creating and approving risk entries, as well as the differences between the free individual version and the paid versions of SysRisk.
Overview of Risk Creation and Approval
- Free Version: Users have the ability to create and approve risks without additional permissions.
- Paid Versions: In a more structured environment, risk creation and approval follow a hierarchical workflow. General users need specific permissions to create risk entries in both the Enterprise Risk Management (ERM) and Project Risk Management (PRM) modules. Risks created by users must be submitted for approval to be officially recognized.
Once a risk is approved by the risk owner, it is added to the risk register and assigned a unique ID, marking it as active data.
Detailed Risk Creation Process
- Log In
- Users must first log in to their SysRisk account to access risk management features.
- Select the Module (ERM or PRM)
- After logging in, navigate to the intended module:
- ERM Module: Users need access to specific risk categories to create risk entries.
- PRM Module: Users must be added to specific projects to create risks related to those projects.
- Navigate to the Risk Entry Page
- Once in the desired module, proceed to the Risk Entry page.
- Fill Out the Risk Entry Form
On the Risk Entry page, users must:
- Select a category (in ERM) or a project (in PRM) from the dropdown.
- Fill in the required fields with relevant risk information.
Note: General users can only select categories or projects that they have been granted access to by admins or product admins.
- Save or Submit the Risk for Approval
- After completing the form, users have two options:
- Save Risk: Save the risk entry for later editing or submission.
- Save and Request Approval: Submit the risk entry directly to the risk owner for approval.
- Saved risks remain visible in the table beneath the form and can be edited until approved.
Risk Approval Process
Once a risk is submitted for approval, it appears in the Risk Approval page of the risk owner’s account. The risk owner has the following options:
- Approve: The risk entry is added to the risk register with a unique ID and becomes active.
- Reject: The risk remains in the risk entry table and can be edited by the creator.
- Request Changes: The risk owner can add a note requesting changes, after which the risk is sent back for revision.
Once a risk is approved, it becomes active data in the Risk Register, viewable and editable by authorized users.
Key Features During Risk Management
- Editable Until Approval: Risk entries remain editable and viewable in the risk entry table until they are officially approved.
- Document Upload: Users can upload documents related to the risk entry through the Add Document feature in the Edit window.
- PostApproval Updates: Once approved, risk entries appear with a unique ID in Risk Register page and can be updated as needed, becoming part of SysRisk’s operable data set.
Importance of the Risk Entry Process
Creating a risk entry triggers all subsequent operations within SysRisk, such as:
- Statistics: The system generates insights based on active risks.
- Suggestions: Recommendations and mitigation strategies are made available.
- Updates: Ongoing monitoring and updates are applied to approved risks.
Since the risk entry is the most fundamental operation, ensuring its accuracy and approval is crucial. Properly stored risks also serve as valuable resources for addressing similar challenges in the future.
By following these steps, users can efficiently create, submit, and manage risk entries, ensuring that risks are correctly documented and approved within SysRisk.
