Risk Details (Threats) – Risk Register

Risk Details (Threats) contains basic identification information for a risk.  Identifying the risk is useful in order to isolate the root cause of that particular risk.  To track the time phasing or cost exposures, users can track the risk window Start and Finish date.  For accountability and reporting, the risk owner can be tracked (person, subcontractor, department, etc).  When the status of a risk is set as Closed, it will no longer be considered in the cost exposure and tornado charts (report section, dashboards).  This page is visible only to those users who have either Read/Write access or View access for Risk Details (Threats).  Users with Read/Write access can create new threats, edit threats, delete threats, and send email.  Users designated with View access can view the threat details and send email.

 

Figure 1

 

Navigate Page:

 

To go to the Risk Details (Opportunity) page or Risk Details (Mitigations), the user must navigate from the Risk Details (Threats) page.

The option for navigation from one page to another is placed on top of the page and is shown in Figure 1.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the Opportunities radio button (Figure 1) to navigate to the Risk Details (Opportunity) page, or click the Mitigations radio button (Figure 1) to navigate to the Risk Details (Mitigations) page.

 

Searching For Threats:

Searching for threats in Risk Details (Threats) can be done in two ways.  The Search function allows the user to search for a threat based on a keyword.  This method is faster when you are working with large amounts of data.  The Select function is commonly used for databases with less data and when the search objective is known.

Using the search function:

 

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the SEARCH button.  (Figure 1)

  3. Enter the search keyword (which can be the ID or name) and click the SEARCH button and select the required threat.  (Figure 2)

 

risk_details_search_panel

Figure 2

 

The Show All button in the search area lists all the threats available (by default).  (Figure 2)  In order to Filter or Sort threat details displayed in the search area, click the Advanced Search button.  The search area changes to that shown in Figure 3.

 

Figure 3

 

To Filter the search area contents:

Steps:

  1. Select the required column.  (Figure 3)

  2. Enter the value based on which filtering is to be done.  (Figure 3)

  3. Click the Filter button.  (Figure 3)

To Sort the data:

  1. Select the required column.  (Figure 3)

  2. Select the order (Ascending/Descending) in which sorting is to be done.  (Figure 3)

  3. Click the Sort button (Figure 3) to sort the data in the search area.

  4. To go to the previous search page shown in Figure 2, click the Basic Search button shown in Figure 3.

Using the select function (dropdown list):

 

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the Select Threat dropdown.  (Figure 1)

  3. Select the required threat from the list shown.

 

Creating a new threat:

Creating a new threat in the risk register is quick and easy.  The risk ID is a required field to save the threat.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the ADD NEW THREAT button.  (Figure 1)

  3. After entering threat details, click the SAVE button.  (Figure 1)

Risk Owner has an editable select box where we can either enter or select the Risk Owner´s name.  (Figure 4)

 

risk_details_risk_owner

Figure 4

 

Editing threat information:

When editing threat details in the Risk Details (threats), all fields under the Threat Detail section, User Defined Fields section, Recovery Plan section, Qualitative Score section, Monte Carlo Inputs section and Data Mapping section will be unlocked and the user will be able to modify those fields.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the EDIT THREAT INFO button.  (Figure 1)

  4. After the data is modified, click the Save button.  (Figure 1)

 

User Defined Fields Section:

Any user defined or custom field will be shown in this section.  There is no limit to the number of user defined fields.  User Defined Fields are added as follows:

Project settings —> Custom Fields

 

Formula Fields Section:

Any formula field will be shown in this section (Figure 5).  There is no limit to the number of formula field.  Formula Fields are added as follows:

Project settings –> Custom Fields

Figure 5

Risk notes Section:

Users can add a short Risk Note.  The note will be saved with the user name and a time stamp for future tracking purposes.  Risk Notes once added cannot be edited.  Risk Notes added can only be deleted by a Super User.  The Super User can delete Risk Notes by clicking the Close button.  (Figure 6)

 

risk_details_risk_note1

Figure 6

 

To Add New Note check the following steps below:

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the threat if the threat is already created.

  3. Click the ADD NEW NOTE link to add Risk Notes.  (Figure 6)  A pop up shown in Figure 7 appears.

  4. Enter the note and click the ADD NOTE button.  (Figure 7)

 

risk_details_risk_note2

Figure 7

 

Risk Documents Section:

This functionality is used to upload any additional documents required.  It can be of type xls, csv, xer, mpp, jpeg, jpg, png, tif, gif, txt, doc, docx and pdf.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click  on the Risk Documents section.  (Figure 1)

  3. Click the BROWSE button. Select the required file.  (Figure 8)

  4. Click the UPLOAD FILE button to finish.  (Figure 8)

 

Figure 8

 

Recovery Plan Section:

The Recovery Plan section is to document what will be done if mitigation is not successful and the risk event does occur.  It also documents the steps the team should be prepared to take if the risk becomes a reality.

 

Closure Section:

The Closure Section is used for documenting the actual impact of the risk event on the project.  Fully documenting this section will allow similar projects in the future to learn and benefit from the lessons learned.

 

Qualitative Score Section:

Qualitative Score fields include Probability, Cost and Schedule and Additional Impacts, if any.  (Figure 1)  These fields are used to set the pre-mitigated score.  If Probability and impacts have a value of either Undefined or No Risk, the risk score will be zero.

 

Map Schedule ID:

Schedule ID called as Activity ID is used for simulation purposes.

To map activity ID:

Steps:

  1. Click the MAP DATA button shown in Figure 9.  A pop up shown in Figure 10 appears.

  2. Click the checkbox to select the corresponding activity ID you want to map for your threat.  Click the SAVE button to finish.  (Figure 10)

 

Figure 9

 

risk_details_task_mapping

Figure 10

 

Data Mapping Section:

The Data Mapping section shows to which Breakdown Structure the selected threat is mapped and at what level (Project, Business Unit, or Enterprise) it is mapped.  It is not required to map data, but it will be useful when the time comes to report at the portfolio level.

Project Organizational Breakdown Structure, Project Work Breakdown Structure and Project Risk Breakdown structure details are added from the page:

Project Settings —> Project Breakdown Structure

 

Business Organizational Breakdown Structure, Business Work Breakdown Structure, Business Risk Breakdown Structure, Enterprise Organizational Breakdown Structure, Enterprise Risk Breakdown Structure, Enterprise Work Breakdown Structure are added from the page:

Portfolio Management —> Project Breakdown Structure

 

Enterprise Risk details are added from the page:

Portfolio Management —> Reports —> Enterprise Risk List

 

To Map data:

Steps:

  1. Click the map data link to map data for the corresponding field.  (Figure 1)

  2. Select the checkbox corresponding to the data to be mapped.  (Figure 11)

  3. Click the SELECT WBS button (if Work Breakdown Structure), the SELECT OBS button (if Organizational Breakdown Structure), the SELECT RBS button (if Risk Breakdown Structure) to finish.  (Figure 11)

The steps described above applies to all Organizational Breakdown Structure, Work Breakdown Structure and Risk Breakdown Structure fields.

 

risk_details_brkdwn
Figure 11

 

Mitigation Plan Information:

Users can track their Mitigation Plan or individual mitigation steps.  The mitigation plan is a compilation of the individual steps below it.  The mitigation plan cost is rolled up from the cost of each mitigation step.  Tracking mitigation steps creates accountability when the step owner and planned dates are tracked.  Reports can be generated to identify all mitigation steps that are currently behind schedule.

The qualitative and simulation scoring fields (Probability, Cost, Schedule, etc.) in the mitigation steps represent the residual risk that remains after a mitigation step is completed.  The goal is to mitigate a risk until it is gone, however often this is not possible.  It is important to document any residual risk that cannot be removed for the benefit of the project team and the accuracy of Monte Carlo simulations.  Any graph that highlights a post-mitigated score will focus on the residual risk after all mitigation steps have been completed.  The status of a mitigation step and the actual dates should be updated as the steps are started and finished.  Proposed Cost is the sum of all Proposed Cost of mitigation steps and Actual Cost is the sum of all Actual Cost of mitigation steps.

 

Figure 12

 

Figure 13

 

Edit Mitigation Plan Information:

This functionality is to edit the mitigation plan information such as Plan Name, Plan Description, Plan Owner, Proposed Cost, Response Type and Actual Cost.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the EDIT MITIGATION PLAN button.  (Figure 12)

  4. After the data is modified, click the SAVE button.  (Figure 13)

 

Mitigation Steps Information:

Mitigation step information can be added from Spreadsheet page or can be added from the Risk Details page itself.

 

Figure 14

 

Edit In Spreadsheet:

This functionality is to add, edit, delete and export mitigation steps for the selected threats in spreadsheet.  Click the EDIT IN SPREADSHEET button which navigates to a spreadsheet page.

Steps:

  1. Risk Register —> Risk Details (Threats)
  2. Select the required threat.
  3. Click the EDIT IN SPREADSHEET button.  (Figure 14)
  4. Add, edit, delete and export mitigation steps for the selected threat as in Spreadsheet View page.  (Figure 15)
  5. Click GO TO RISK DETAILS button to go back to the Advanced View page.  (Figure 15)

 

risk_details_threat_spreadsheet

Figure 15

 

Add new Step:

This functionality is to add a new mitigation step for the selected threat.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the ADD NEW STEP button.  (Figure 14)

  4. After entering threat details, click the SAVE STEP button.  This button is visible only after the ADD NEW STEP button or the EDIT MITIGATION button is clicked.  (Figure 14)

 

Edit Mitigation Step:

This functionality is to edit the selected mitigation step of the selected threat.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Select the Mitigation Step link that is to be edited, from Mitigation Steps section.  (Figure 14)

  4. Click the EDIT MITIGATION button.  (Figure 14)

  5. After entering mitigation details, click the SAVE STEP button.  (Figure 16)  This button is visible only after the ADD NEW STEP button or the EDIT MITIGATION button is clicked.  (Figure 14)

 

miti_step_info

Figure 16

 

 

Recycle Bin:

To go to the Recycle Bin from Risk Details (Threats), click the Recycle Bin icon shown on top of the page in Figure 1.

 

Figure 17

 

Restore Threats:

The following steps restore threats and remove them from the Recycle Bin and back to the pages where threat details are being shown, such as Risk Details (threats).

Steps:

  1. Risk Register —>Risk Details (Threats)

  2. Click the Recycle Bin icon to go to Recycle Bin page.

  3. Select the threat to restore.

  4. Click the RESTORE button (Figure 17) to restore selected threat.

 

Delete Threat From Recycle Bin:

The threat deleted from Recycle Bin will be removed completely from the system.

Steps:

  1. Risk Register —>Risk Details (Threats)

  2. Click the Recycle Bin icon to go to the Recycle Bin page.

  3. Select the threat to delete.

  4. Click the DELETE button.  (Figure 17)

After you receive the confirmation message (Figure 18), click the OK button.  The threat will be deleted permanently.  To cancel, click the Cancel button.  (Figure 18)

 

Figure 18

Search:

Search (Basic Search):

The Search function allows the user to search for a threat based on a keyword.  This method is faster when you are working with large amount of data.  Threat details which are deleted from risk details can be searched based on their Threat id, Risk Name etc for the particular project.

Steps:

  1. Recycle bin —> Search —> Threats  (Figure 19)
  2. Click the Search button.  (Figure 20)
  3. Enter the search keyword (which can be the ID or name) and click the Search button and the results will be displayed.  (Figure 21)
  4. After displaying the results to get back to the all details Click Show All button. (Figure 21)

Figure 19

 

Figure 20

Figure 21

Search (Advanced Search):

To filter the search area contents using Advance Search

Steps:

  1. Select the required field from the dropdown list.  (Figure 22)
  2. Enter the value based on which filtering is to be done
  3. Click the Filter button the search results are displayed.  (Figure 22)
  4. After using Advance Search user can move to the basic search by clicking on Basic Search. (Figure 22)

To Sort the data

  1. Select the required field.  (Figure 22)
  2. Select the order (Ascending/Descending) in which sorting is to be done.  (Figure 22)
  3. Click the Sort button to sort the data in the search area.  (Figure 22)

To reset the details for filter and sort fields, click the Reset button.  (Figure 22)

 

Figure 22

 

Email Settings:

This functionality is used to export the entire page to Word and send it by email to the person selected.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Click the Threats radio button to navigate to the Risk Details (Threats) page.  (Figure 1)

  3. Select the required threat.

  4. Click the Email icon to send email.

  5. Select the user from the dropdown list to whom mail should be sent.

  6. Enter the message in the Message text area.

  7. Select the required fields for the email edit, that can be edited and saved by the recipient (refer Figure 24).
  8. Click the UPDATE FIELDS button to view the threats and its mitigation field values that are selected, where the email edit can be done.  (Figure 23)

  9. Click the SEND MAIL button to finish.  (Figure 23)

 

risk_details_email
Figure 23

 

risk_details_email_update

Figure 24

 

The recipients can see the page (Figure 24) and submit the changes by clicking the SAVE CHANGES button.  The changes will be updated or error messages will be shown on another web page.  The save changes can be done only once for an email sent.

Deleting Threat:

The deleted threats will be moved to the Recycle Bin.

Steps:

  1. Risk Register —> Risk Details (Threats)

  2. Select the required threat.

  3. Click the Delete Threat button.  (Figure 1)

After you receive the confirmation message (Figure 21), click the OK button.  The threat will be moved to the recycle bin.  To cancel, click the Cancel button.  (Figure 25)

 

Figure 25

  1. Select the required fields for the email edit, that can be edited and saved by the recipient (refer Figure 22).



Copyright © 2021 PRC Software. All rights reserved

This will close in 0 seconds


This will close in 0 seconds

The PRC Enterprise Risk Register is a web-based risk management software solution which allows for the tracking of risk at the project and portfolio level.  Audit logs for all risk updates and changes are available at the click of a button to aid with audits, claims and the flow of information.  The power of the PRC Enterprise Risk Register is in the simplicity of the user interface, which is designed to navigate easily at both project and portfolio levels without compromising functionality or data.  The PRC Enterprise Risk Register allows for mapping across project levels so the data can be reported at the portfolio level, even if the work, risk and organizational breakdown structures are not standardized.

Read More

This will close in 0 seconds

The PRC Enterprise Cost Risk Analysis is a customizable web-based solution for simulating estimate cost and determining cost contingency, cost drivers, and risk hotspots. The key to a good risk analysis is good inputs.  The software cannot be a roadblock to success. Good risk software should be easy on the end user. Monte Carlo simulation is already a complex.  The software should simplify the process.

Read More

This will close in 0 seconds

The PRC Enterprise Schedule Risk Analysis is a customizable web-based solution for simulating schedule duration and dates. At PRC Software, we believe that the key to good risk software is through good inputs and excellent user friendliness. A Monte Carlo simulation is already a complex.  The software should not be complicated as well.

Read More

This will close in 0 seconds

PRC specializes in risk analysis, audit, and training.  We have cross-industry experience in fields such as Aerospace & Defense, Oil & Gas, and Engineering & Construction.  We believe that over-complicating the risk process often leads to wasted effort and poor results.  Our goal is to "make it simple."

Read More

This will close in 0 seconds