Risk Assessments
Plan, execute, and manage structured risk assessments to identify and evaluate risks
Risk assessments are structured evaluations used to identify, analyze, and evaluate risks within a defined scope. They provide a framework for systematically examining potential risks, assessing their likelihood and impact, and determining appropriate treatment strategies.
Structured Evaluation
Define assessment scope, context, and criteria to ensure comprehensive risk identification.
Team Collaboration
Assign assessors, participants, and owners to leverage team expertise and ensure accountability.
Creating Risk Assessments
Navigate to Create Assessment
Go to Risk Management → Create Assessment from the sidebar, or click the "Create Assessment" button on the Assessments list page.
Fill in Assessment Details
Complete the assessment form with the following information:
Clear, descriptive name (e.g., "Q1 2025 IT Security Risk Assessment")
Define what is included and excluded from the assessment
Background information and circumstances
When the assessment begins
Assign Team Members
Assign team members to different roles:
- Owner: Primary person responsible for the assessment
- Assessors: Team members who will conduct the assessment
- Participants: Additional team members involved
Set Classification and Priority
Select the appropriate risk classification and priority level. These help categorize and prioritize the assessment within your risk management framework.
Save Assessment
Click "Create Assessment" to save. The assessment will appear in your assessments list and you can begin adding risks to it.
Assessment Fields
A clear, descriptive name for the assessment
The boundaries and extent of what the assessment covers
Background information and circumstances surrounding the assessment
Standards or benchmarks used to evaluate risks
Detailed description of the assessment purpose and objectives
When the assessment begins
Expected completion date (optional)
Current status of the assessment (e.g., Active, Completed, On Hold)
Priority level for the assessment
Risk classification category
Primary person responsible for the assessment
Team members who will conduct the assessment
Additional team members involved in the assessment
Managing Assessments
Viewing Assessments
Navigate to Risk Management → Assessments to see all assessments. Each assessment card shows key information including title, status, dates, risk count, and assigned team members.
Editing Assessments
Click "Edit" on any assessment card to modify its details. You can update scope, context, dates, status, team assignments, and other fields.
Adding Risks
Within an assessment, you can add risks by documenting their likelihood, impact, risk scores, and treatment options. Risks are associated with the assessment and can later be registered in the Risk Registry.
Starring Assessments
Mark important assessments with a star to quickly identify and access them. Starred assessments are highlighted in the list.
Assessment Status
Assessment is currently being conducted. Risks are being identified and evaluated.
Assessment has been completed. All risks have been identified and documented.
Assessment is temporarily paused. Work may resume later.
Assessment has been cancelled and will not be completed.
Best Practices
Define clear scope and context before starting to ensure comprehensive coverage
Assign appropriate team members with relevant expertise
Set realistic start and end dates to track progress
Document risks thoroughly with clear descriptions and rationale
Accurately assess likelihood and impact to calculate meaningful risk scores
Update assessment status regularly as work progresses
Next Steps
Risk Registry
Learn how to register risks from assessments for ongoing tracking
Learn About Risk RegistryNeed Help?
Our support team is here to help you with risk assessments.