Risks

Add controls and actions to a risk assessment

After you create a risk assessment, open it to add risk items that document hazards, existing controls, and planned mitigations. Open an individual risk item to edit its details, add comments, or create follow-up tasks to assign actions to team members and track completion. For a full guide to the item detail page, see View and edit a risk assessment item.

Before you start

You need the Manager role or higher for the Risks module to add risk items and create tasks. If you do not see the Add or Create Task options, ask your site administrator to update your permissions in Settings > User Management > Edit Access. For a full role overview, see Risks roles and access.

  1. Go to Risks and open the assessment you want to update.

  2. In the Matrix Section where you want the hazard, click Add Risk Item.

  3. Enter a Risk Description that describes the hazard or scenario.

  4. In Existing Controls (optional), describe any safeguards already in place.

  5. Under Initial Risk Assessment, click a cell in the matrix to select the severity and likelihood.

  6. In Mitigation Controls (optional), describe the planned controls or actions that will reduce the risk.

  7. Under Residual Risk Assessment, click a cell to assess the remaining risk after the mitigation controls are applied.

  8. Click Add Risk Item.

The risk item is saved to the assessment. You can add more items by repeating the steps above. If the assessment has multiple Matrix Sections, choose the section that should contain the hazard.

Edit an existing risk item

  1. Open the risk assessment and click the risk item you want to change.

  2. The item opens in the dedicated Risk Item Details page. Update the Risk Description, Existing Controls, Mitigation Controls, or risk matrix selections.

  3. Click Save Changes.

Edits are only available when the assessment is in an editable draft. Published and historical versions are read-only. For more details on the item detail page, see View and edit a risk assessment item.

Create a follow-up task for a risk item

  1. Open the risk assessment and click the risk item you want to action.

  2. On the item detail page, click Create Task in the task section.

  3. Review the pre-filled Title and Description. The title defaults to the risk description, and the description defaults from the mitigation controls.

  4. Choose a Priority: Low, Standard, High, or Critical.

  5. Under Assigned to Team, select the group responsible for the work.

  6. Under Assigned to User, select an individual. If you choose someone outside the assigned team, a warning appears, but you can still proceed.

  7. Optionally, set a Start Date for when the task should appear in the assignee's inbox, and a Due Date for when it becomes overdue if not completed.

  8. Add any extra context in Notes.

  9. Click Create Task.

The task is created and linked to the risk item. You will see a Task Created entry in the Tasks section, and the assignee can complete the task from their inbox or work order list. Completion is tracked automatically.

When the assessment is complete, publish it so the controls and tasks are locked for audit. See Working with risk assessment versions for how to publish and version your assessment.

See Work with risk assessment sections for how to add, edit, and reorder sections on the assessment page.

Was this helpful?