Risk Template for Risk Assessment Application

User Guide: Risk Template for Risk Assessment Application

Welcome to the Risk Template Sub module of our Risk Assessment application! This feature allows users to create a template standardizes how risks are captured, evaluated, and tracked—boosting consistency, efficiency, compliance, and communication across teams.

1. Overview of Risk Template Sub module

The Risk Template sub-module is a foundational part of many enterprise Risk Assessment products, designed to standardize, streamline, and automate the creation and management of risk assessments across an organization.

• The Risk Template sub-module allows users to:
• Pre-define risk assessment structures
• Ensure consistency across risk registers
• Accelerate assessment workflows by reusing templates
• Maintain compliance with organizational or regulatory frameworks

1. Language Options for Risk Template in Risk Assessment Product

To cater to diverse user needs, the Risk Template Sub module supports multiple languages. You can select your preferred language from the dropdown menu located at the top of the screen. This ensures that Risk Template screen displayed in the selected language, accessible and understandable across global teams.

1. Risk Template questionnaires:
2. How to open Risk Template sub module in Risk Assessment?

Risk Template module can be accessed from below navigation

• Navigate to Main Menu
• Select Risk Register module
• Select Risk Template Sub module menu

1. How to create New Risk Template in Risk Assessment product?

• Creating a New Risk Template in a Risk Assessment product allows your organization to standardize the risk evaluation process across departments or projects.
• Steps to Create a New Risk Template in a Risk Assessment Product:
• Click on Risk Register module link.
• Click on Risk Template
• Click on + icon
• Create Risk Template Page should be displayed.
• Below Risk Template creation fields should be displayed:
• Name: The "Name" field is a required identifier when creating a Risk Template in any Risk Assessment product.
• It is a mandatory field
• Risk Appetite: The Risk Appetite field in a Risk Template creation page represents the organization’s tolerance or willingness to accept a certain level of risk in a specific area, process, or activity.
• Description Text: The "Description Text" field in the Risk Template creation page is used to provide additional context or guidance about the purpose and usage of the template.
• It is a mandatory field.

1. What are the different types of metrics available on the Risk Template creation page?

• When creating a Risk Template in a Risk Assessment product, you can typically choose or define different types of risk templates depending on the business function, risk domain, or use case. These templates help standardize how risks are assessed across different areas of the organization.
• Different Types of Risk Templates are as follows:
• Likelihood/Impact: In the Risk Template creation page of a Risk Assessment product, Likelihood and Impact is the two core elements used to calculate the Risk Score. These fields are foundational to risk evaluation and are typically required in every risk template.
• Likelihood: Measures how probable or frequent it is that a risk event will occur.
• Impact: Measures how severe the consequences would be if the risk event materializes
• Confidentiality/Integrity/Availability: A Confidentiality / Integrity / Availability (CIA) Template is a type of risk assessment template used primarily in information security, cyber security, and IT risk management. It helps assess how a risk or asset impacts the three core pillars of information security: Confidentiality, Integrity, and Availability.
• Asset/Threats/Vulnerability: An Asset/Threat/Vulnerability (ATV) template is a structured risk assessment template used to evaluate how critical assets could be impacted by specific threats exploiting known or potential vulnerabilities. It is commonly used in IT risk management, cyber security, and third-party risk assessments.
• When user check makes this template favourite by default for this template it will become favourite.
• When user fills all the details and click on save button new Selected Risk Template should be created and should display in Risk Template home page.

1. Can we select Likelihood/Impact template metrics with default from settings?

• Yes, in most risk assessment platforms, you can select the Likelihood and Impact metrics in a Risk Template by using the default values configured in system settings.

1. Can we select likelihood/impact template metrics with custom from questionnaires?

• Yes, in many Risk Assessment platforms, you can configure the Likelihood and Impact metrics to be populated dynamically based on responses from custom questionnaires.
• When user select likelihood/Impact with custom from questionnaires and when click on save button questionnaires popup should be displayed on the page.
• When user click on Yes button in Add questionnaires popup below fields should be displayed on the page:
• Question Text: The "Question Text" field is the main field used to define the actual question you want respondents to answer when filling out a questionnaire in the Risk Assessment product.
• Likelihood/impact: The Likelihood/Impact field in the Add Questionnaires popup is used to link a specific question’s response to the risk scoring model, specifically the Likelihood or Impact metric in the risk template.
• No of Options: The "No of Options" field in the Add Questionnaires popup is used to specify how many answer choices (response options) a particular question will have.
• Same should be displayed when user select template with confidentiality/Integrity/Availability with custom from question checkbox.
• Check whether when user select Asset/Threat/Vulnerability template custom from questionnaires checkbox should be disabled automatically.

1. Can we edit / Modify created Risk Template in Risk Register module? 

• Yes, you can edit or modify a created Risk Template in the Risk Register module—provided you have the appropriate permissions.
• In Risk Template Edit page we can edit below fields :
• Name
• Risk Appetite
• Description
• Along with edit template, we can also edit columns name & risk calculations also.
• When user click on save button in edit template page.
• Updated details successfully message should be displayed on the page. 

1. Can we add normal risks in risk template in risk register module?

• Yes, you can add risks using a Risk Template in the Risk Register module of the Risk Assessment product.
• Step-by-Step: Add Risks in a Risk Template:
• Click on Risk Register module.
• Click on Risk Template sub module.
• Risk Template home page should be displayed on the page.
• Click on edit icon in created template.
• Risk tab should be displayed on the page.
• Click on + icon in risk tab page should be displayed.
• Add Risk page should be displayed with below fields:
• Risk Number: The "Risk Number" field is a unique identifier assigned to each risk when you add it via the Add Risk page in the Risk Register module of the Risk Assessment product.
• Risk Name: The "Risk Name" field is where you enter a short, descriptive title for the risk being added to the Risk Register, using a Risk Template.
• Source of Risk: The “Source of Risk” field on the Add Risk page is used to capture the origin or root cause of the risk you’re recording.
• Risk Category: The Risk Category field is used to classify the risk into a predefined group or family based on its nature, origin, or how it impacts your organization.
• Risk Owner Authority: The Risk Owner Authority field is a dropdown that defines the level of authority or responsibility that the assigned Risk Owner holds over the risk. It helps to clarify what decisions or actions the Risk Owner is empowered to take.
• Description Text: The “Description” field is a crucial free-text area designed to articulate the risk in clear, concise detail within the Risk Register. It helps stakeholders understand the nature of the risk and its potential impact.
• Status Type: The "Status Type" field on the Add Risk page typically allows you to mark a risk as Active or Inactive, indicating whether the risk is currently being managed or is no longer a concern.
• Department and Team Risk Owner: This dropdown lets you select the specific individual or group within that department accountable for managing the risk.
• According to risk management best practices, a risk owner is someone with the authority, domain expertise, and responsibility to assess, mitigate, and monitor risks in their scope
• Severity: The "Severity" field is a key input used to assess how severe the potential consequences of a risk would be if it were to occur. It's essentially synonymous with Impact and is used to calculate the overall risk magnitude.
• Select KRI: The Select KRI field allows you to associate one or more Key Risk Indicators (KRIs) with a specific risk during creation or editing. KRIs is used to monitor and signal potential risk events early, enabling proactive risk management.
• Additional Information fields should be displayed based on the custom fields added in the Risk Template settings page.
• Likelihood: The Likelihood field captures the probability or chance that a risk event will occur. It’s a core component of the risk scoring mechanism and sits at the heart of any comprehensive risk assessment.
• Impact Effect: The Impact Effect field allows users to describe the specific impact or consequence that a risk may have on organizational objectives, beyond just a numeric impact score. It adds clarity and context to the risk entry.

1. Can we upload/create new Risk in Risk Template in Risk register from excel sheet? 

• Yes, you can upload or create new risks in a Risk Register using an Excel sheet, provided your risk management platform supports this feature. Many modern risk management systems offer bulk import functionality, allowing you to efficiently add multiple risks at once by uploading a properly formatted Excel or CSV file.
• How to Upload/Create New Risks from Excel:
• Yes, we can create new Risk from downloaded excel sheet.
• Click on download icon in KRI library home page.
• Click on download New Risk data sheet.
• Excel Sheet should be downloaded successfully.
• Open the excel sheet and fill the data & save the sheet.
• Click on upload icon in Risk Template home page.
• Upload Risk Information popup should be displayed.
• Click on Upload new data.
• Click on select file button.
• Upload saved file.
• Check whether newly created Risk should be displayed in Risk Template home page.

1. Can we delete created Risk Template in risk template home page?

• Yes, you can delete a created Risk Template from the Risk Template home page—but typically only after archiving it first. Once deleted, the template cannot be restored, so proper permissions and confirmation steps are required.
• Step-by-Step guide to delete Risk Template:
• Click on Risk Register module.
• Click on Risk Template sub module link.
• Click on Delete icon for respective Template.
• Delete popup should be displayed on the page.
• Check whether when user click on Yes button.
• Selected template should be deleted successfully.
• Check whether template should be deleted from edit template page also.

1. Can we Search data in Risk Template screen in risk register module in risk assessment product?

• Yes, we can search data in Risk Template home page by following below procedure:
• Click on Risk Register module.
• Click on Risk Template sub module.
• Risk Template home page should be displayed on the page.
• Go to Right side of the screen 
• Enter valid data in search check whether entered data should be displayed on the page.
• When user enters invalid data check whether no records should be displayed on the page.

1. What are events in Risk Template home page in risk register module in risk assessment product? 

• Events section will capture all changes done by user on Risk Template sub module screen. 
• In events section below fields should be displayed: 

1. Search Field: When user enters related text in events search field if entered text is matching then data should be displayed on the page. If no data available on the page “No records found” message should be displayed on the page. 
2. Click here to view/hide details: When user click on click here to view icon columns popup should be displayed. When user unchecks any column that column should not be displayed on the page. Checked data should be displayed on the page. 
3. Excel Export: When user clicks on excel export link excel sheet should be downloaded successfully. 
4. In events screen we will capture below operations done by an end user:

• Create
• Update:
• Delete
• When user click on events dropdown in Risk Template sub module in risk register module below columns data should be displayed on the page:
• Action Performed: What all the operations performed by those data will be captured in this column.
• Performed By: In this column which user performed those data should be displayed on this page.
• Module: In which module user performed those module data will be captured in this column.
• Action Date: In this column on which date user performed those data should be displayed on the page
• Action Info:
• View Details: When user click on view details icon audit info popup should be displayed on the page.