Risk Details (Threats)

Risk Details (Threats) contains basic identification information for a risk.  Identifying the risk is useful in order to isolate the root cause of that particular risk.  To track the time phasing or cost exposures, users can track the risk window Start and Finish date.  For accountability and reporting, the risk owner can be tracked (person, subcontractor, department, etc).  When the status of a risk is set as Closed, it will no longer be considered in the cost exposure and tornado charts (report section, dashboards).  This page is visible only to those users who have either Read/Write access or View access for Risk Details (Threats).  Users with Read/Write access can create new threats, edit threats, delete threats, and send email.  Users designated with View access can view the threat details and send email.

 

risk_details_threat

Figure 1

 

Navigate Page:

 

To go to the Risk Details (Opportunity) page or Risk Details (Mitigations), the user must navigate from the Risk Details (Threats) page.

The option for navigation from one page to another is placed on top of the page and is shown in Figure 1.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the Opportunities radio button (Figure 1) to navigate to the Risk Details (Opportunity) page, or click the Mitigations radio button (Figure 1) to navigate to the Risk Details (Mitigations) page.

 

Searching For Threats:

Searching for threats in Risk Details (Threats) can be done in two ways.  The Search function allows the user to search for a threat based on a keyword.  This method is faster when you are working with large amounts of data.  The Select function is commonly used for databases with less data and when the search objective is known.

Using the search function:

 

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the SEARCH button.  (Figure 1)

  3. Enter the search keyword (which can be the ID or name) and click the SEARCH button and select the required threat.  (Figure 2)

 

risk_details_search_panel

Figure 2

 

The Show All button in the search area lists all the threats available (by default).  (Figure 2)  In order to Filter or Sort threat details displayed in the search area, click the Advanced Search button.  The search area changes to that shown in Figure 3.

 

advance search threats

Figure 3

 

To Filter the search area contents:

Steps:

  1. Select the required column.  (Figure 3)

  2. Enter the value based on which filtering is to be done.  (Figure 3)

  3. Click the Filter button.  (Figure 3)

To Sort the data:

  1. Select the required column.  (Figure 3)

  2. Select the order (Ascending/Descending) in which sorting is to be done.  (Figure 3)

  3. Click the Sort button (Figure 3) to sort the data in the search area.

  4. To go to the previous search page shown in Figure 2, click the Basic Search button shown in Figure 3.

Using the select function (dropdown list):

 

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the Select Threat dropdown.  (Figure 1)

  3. Select the required threat from the list shown.

 

Creating a new threat:

Creating a new threat in the risk register is quick and easy.  The risk ID is a required field to save the threat.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the ADD NEW THREAT button.  (Figure 1)

  3. After entering threat details, click the SAVE button.  (Figure 1)

Risk Owner has an editable select box where we can either enter or select the Risk Owner’s name.  (Figure 4)

 

risk_details_risk_owner

Figure 4

 

Editing threat information:

When editing threat details in the Risk Details (threats), all fields under the Threat Detail section, User Defined Fields section, Recovery Plan section, Qualitative Score section, Monte Carlo Inputs section and Data Mapping section will be unlocked and the user will be able to modify those fields.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the EDIT THREAT INFO button.  (Figure 1)

  4. After the data is modified, click the Save button.  (Figure 1)

 

User Defined Fields Section:

Any user defined or custom field will be shown in this section.  There is no limit to the number of user defined fields.  User Defined Fields are added as follows:

Project settings —> Custom Fields

 

Risk notes Section:

Users can add a short Risk Note.  The note will be saved with the user name and a time stamp for future tracking purposes.  Risk Notes once added cannot be edited.  Risk Notes added can only be deleted by a Super User.  The Super User can delete Risk Notes by clicking the Close button.  (Figure 5)

 

risk_details_risk_note1

Figure 5

 

To Add New Note check the following steps below:

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the threat if the threat is already created.

  3. Click the ADD NEW NOTE link to add Risk Notes.  (Figure 5)  A pop up shown in Figure 6 appears.

  4. Enter the note and click the ADD NOTE button.  (Figure 6)

 

risk_details_risk_note2

Figure 6

 

Risk Documents Section:

This functionality is used to upload any additional documents required.  It can be of type xls, csv, xer, mpp, jpeg, jpg, png, tif, gif, txt, doc, docx and pdf.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click  on the Risk Documents section.  (Figure 1)

  3. Click the BROWSE button. Select the required file.  (Figure 7)

  4. Click the UPLOAD FILE button to finish.  (Figure 7)

 

upload document

Figure 7

 

Recovery Plan Section:

The Recovery Plan section is to document what will be done if mitigation is not successful and the risk event does occur.  It also documents the steps the team should be prepared to take if the risk becomes a reality.

 

Closure Section:

The Closure Section is used for documenting the actual impact of the risk event on the project.  Fully documenting this section will allow similar projects in the future to learn and benefit from the lessons learned.

 

Qualitative Score Section:

Qualitative Score fields include Probability, Cost and Schedule and Additional Impacts, if any.  (Figure 1)  These fields are used to set the pre-mitigated score.  If Probability and impacts have a value of either Undefined or No Risk, the risk score will be zero.

 

Map Schedule ID:

Schedule ID called as Activity ID is used for simulation purposes.

To map activity ID:

Steps:

  1. Click the MAP DATA button shown in Figure 8.  A pop up shown in Figure 9 appears.

  2. Click the checkbox to select the corresponding activity ID you want to map for your threat.  Click the SAVE button to finish.  (Figure 9)

 

link_schedule

Figure 8

 

risk_details_task_mapping

Figure 9

 

Data Mapping Section:

The Data Mapping section shows to which Breakdown Structure the selected threat is mapped and at what level (Project, Business Unit, or Enterprise) it is mapped.  It is not required to map data, but it will be useful when the time comes to report at the portfolio level.

Project Organizational Breakdown Structure, Project Work Breakdown Structure and Project Risk Breakdown structure details are added from the page:

Project Settings —> Project Breakdown Structure

Business Organizational Breakdown Structure, Business Work Breakdown Structure, Business Risk Breakdown Structure, Enterprise Organizational Breakdown Structure, Enterprise Risk Breakdown Structure, Enterprise Work Breakdown Structure are added from the page:

Portfolio Management —> Project Breakdown Structure

Enterprise Risk details are added from the page:

Portfolio Management —> Reports —> Enterprise Risk List

To Map data:

Steps:

  1. Click the map data link to map data for the corresponding field.  (Figure 1)

  2. Select the checkbox corresponding to the data to be mapped.  (Figure 10)

  3. Click the SELECT WBS button (if Work Breakdown Structure), the SELECT OBS button (if Organizational Breakdown Structure), the SELECT RBS button (if Risk Breakdown Structure) to finish.  (Figure 10)

The steps described above applies to all Organizational Breakdown Structure, Work Breakdown Structure and Risk Breakdown Structure fields.

 

risk_details_brkdwn
Figure 10

 

Mitigation Plan Information:

Users can track their Mitigation Plan or individual mitigation steps.  The mitigation plan is a compilation of the individual steps below it.  The mitigation plan cost is rolled up from the cost of each mitigation step.  Tracking mitigation steps creates accountability when the step owner and planned dates are tracked.  Reports can be generated to identify all mitigation steps that are currently behind schedule.

The qualitative and simulation scoring fields (Probability, Cost, Schedule, etc.) in the mitigation steps represent the residual risk that remains after a mitigation step is completed.  The goal is to mitigate a risk until it is gone, however often this is not possible.  It is important to document any residual risk that cannot be removed for the benefit of the project team and the accuracy of Monte Carlo simulations.  Any graph that highlights a post-mitigated score will focus on the residual risk after all mitigation steps have been completed.  The status of a mitigation step and the actual dates should be updated as the steps are started and finished.  Proposed Cost is the sum of all Proposed Cost of mitigation steps and Actual Cost is the sum of all Actual Cost of mitigation steps.

 

miti_plan_information_1

Figure 11

 

risk_details_miti_plan

Figure 12

 

Edit Mitigation Plan Information:

This functionality is to edit the mitigation plan information such as Plan Name, Plan Description, Plan Owner, Proposed Cost, Response Type and Actual Cost.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the EDIT MITIGATION PLAN button.  (Figure 11)

  4. After the data is modified, click the SAVE button.  (Figure 12)

 

Mitigation Steps Information:

Mitigation step information can be added from Spreadsheet page or can be added from the Risk Details page itself.

 

miti step information 1

Figure 13

 

Edit In Spreadsheet:

This functionality is to add, edit, delete and export mitigation steps for the selected threats in spreadsheet.  Click the EDIT IN SPREADSHEET button which navigates to a spreadsheet page.

Steps:

  1. Risk Register —> Risk Details (Threats)
  2. Select the required threat.
  3. Click the EDIT IN SPREADSHEET button.  (Figure 13)
  4. Add, edit, delete and export mitigation steps for the selected threat as in Spreadsheet View page.  (Figure 14)
  5. Click GO TO RISK DETAILS button to go back to the Advanced View page.  (Figure 14)

 

risk_details_threat_spreadsheet

Figure 14

 

Add new Step:

This functionality is to add a new mitigation step for the selected threat.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the ADD NEW STEP button.  (Figure 13)

  4. After entering threat details, click the SAVE STEP button.  This button is visible only after the ADD NEW STEP button or the EDIT MITIGATION button is clicked.  (Figure 13)

 

Edit Mitigation Step:

This functionality is to edit the selected mitigation step of the selected threat.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Select the Mitigation Step link that is to be edited, from Mitigation Steps section.  (Figure 13)

  4. Click the EDIT MITIGATION button.  (Figure 13)

  5. After entering mitigation details, click the SAVE STEP button.  (Figure 16)  This button is visible only after the ADD NEW STEP button or the EDIT MITIGATION button is clicked.  (Figure 13)

 

miti_step_info

Figure 15

 

Recycle Bin:

To go to the Recycle Bin from Risk Details (Threats), click the Recycle Bin icon shown on top of the page in Figure 1.

 

recycle bin

recycle bin threat2

Figure 16

 

Restore Threats:

The following steps restore threats and remove them from the Recycle Bin and back to the pages where threat details are being shown, such as Risk Details (threats).

Steps:

  1. Risk Register —>Risk Details (Threats)

  2. Click the Recycle Bin icon to go to Recycle Bin page.

  3. Select the threat to restore.

  4. Click the RESTORE button (Figure 16) to restore selected threat.

 

Delete Threat From Recycle Bin:

The threat deleted from Recycle Bin will be removed completely from the system.

Steps:

  1. Risk Register —>Risk Details (Threats)

  2. Click the Recycle Bin icon to go to the Recycle Bin page.

  3. Select the threat to delete.

  4. Click the DELETE button.  (Figure 16)

After you receive the confirmation message (Figure 17), click the OK button.  The threat will be deleted permanently.  To cancel, click the Cancel button.  (Figure 17)

 

recycle_bin_delete

Figure 17

 

Email Settings:

This functionality is used to export the entire page to Word and send it by email to the person selected.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the Threats radio button to navigate to the Risk Details (Threats) page.  (Figure 1)
  3. Select the required threat.

  4. Click the Email icon to send email.

  5. Select the user from the dropdown list to whom mail should be sent.

  6. Enter the message in the Message text area.

  7. Select the required fields for the email edit, that can be edited and saved by the recipient (refer Figure 19).
  8. Click the UPDATE FIELDS button to view the threats and its mitigation field values that are selected, where the email edit can be done.  (Figure 18)
  9. Click the SEND MAIL button to finish.  (Figure 18)

 

risk_details_email
Figure 18

 

risk_details_email_update

Figure 19

 

The recipients can see the page (Figure 19) and submit the changes by clicking the SAVE CHANGES button.  The changes will be updated or error messages will be shown on another web page.  The save changes can be done only once for an email sent.

Deleting Threat:

The deleted threats will be moved to the Recycle Bin.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the Delete Threat button.  (Figure 1)

After you receive the confirmation message (Figure 20), click the OK button.  The threat will be moved to the recycle bin.  To cancel, click the Cancel button.  (Figure 20)

 

delete_confirm

Figure 20

  1. Select the required fields for the email edit, that can be edited and saved by the recipient (refer Figure 22).