Risk Management > Common > Risk Register - All

Risk Register Definition: Risk management refers to a coordinated set of activities and methods that is used to direct an organization and to control the many risks that can affect its ability to achieve objectives. Risk management is the activity of managing all the registered risks which are raised in the organisation or environments.

Risk Register Function: The manage and analysing of all registered risks.

The risk register detail can be viewed in different views:

  • Risk register - All : List of all risks that were raised and created
  • Risk register - Open : List of the risks that are NOT in one of the following statuses = Tolerate; Terminate; Transferred or Resolved
  • Risk register - Due for review : List of all the risks that are in the Tolerate Status
  • Risk register - New : This will open the create wizard to raise a new risk.

Note

List pages can help reduce the time that it takes to complete some daily tasks in Microsoft Dynamics AX. You can use list pages to view a list of similar records, select a record, and then perform actions against that record. There are two types of list pages: primary and secondary. Primary list pages display a set of records, and secondary list pages display a subset of those records. You must have security access to a primary list page to view the secondary list pages that are based on it.

When the Risk Register is opened from the common (menu) or the area page, it will open the form as a primary list page. From this view you can select a risk record and click on EDIT to open the detail or grid view to perform actions against the selected record. List pages display multiple records as a list, or a series of rows and columns. You can sort the data in the list and use filters to display subsets of the list items. You can also click links to display specific records, if records are available.

Select multiple rows in a list by using check boxes to filter on specific records. Filter the information in a list by using a quick filter or an advanced filter. Save an advanced filter as a Cue on a Role Centre page.

Tasks that use this form

Create new risk

Manage a risk

Analyse a risk

Navigating the form

The following tables provide descriptions for the controls in this form:

Risk Action Pane

Control name

Description

Risk New

Create a new risk.

Edit

Edit a risk record

Delete

Delete a risk record

Header view

View header and header-related information on FastTabs.

Line view

View the header and line information together. You can expand the lines and line details tabs to see more information about lines.

Additional information

The function is used to add additional information to the risk.

Setup

Open a menu with the following items:

  • Risk characteristics - This button displays all the risk characteristics.
  • Risk actions - This button displays all the risk actions.

Status

This function is used to change the status of the risk.

Refresh

Refresh the page. (This function is only available in the grid view mode or List page)

Export to Microsoft Excel

The function is used to export selected data to Microsoft Excel. (This function is only available in the grid view mode or List page)

Attachments

View and open the documents that are attached to this execution order. This includes external documents.

Manage Action Pane

Control name

Description

Change specification

This function will allow you to change the risk specifications. (Type, Impact and Likelihood)

Update characteristics

This allow for the update of characteristics created for this risk type.

Refer a risk

This function is used to refer the risk and give a reason for the referral.

Analyse Action Pane

Control name

Description

Maintenance

Create a new maintenance execution from this risk.

Incident

Create a new incident from this risk.

Risk related

Assign this risk to other related risk/s.

Cause

Add cause/s related finds to the risk after analysing and assessment.

Effect

Add the risk consequences/effects related findings after analysing and assessment.

Risk assumptions and uncertainties

Add assumptions and uncertainties related to risk after analysing of this risk.

History

View the history entries/events for this risk.

Note : Find Record

The find function can be used to find specific records selected from the pre-defined criteria.

Line View

This tab is displayed only in the line view of the form.

Field name

Field description

Risk ID

This field is system generated a code or number uniquely identifying the risk that was raised.

Risk Description

This is a short detailed description to define the risk.

Risk type

This field defines specific classification of the different types of risk. This is definable with a base data table. There are many different types of risk that risk management plans can mitigate. Common risks include things like accidents in the workplace or fires, tornadoes, earthquakes, and other natural disasters. It can also include legal risks like fraud, theft, and sexual harassment lawsuits. Risks can also relate to business practices, uncertainty in financial markets, failures in projects, credit risks, or the security and storage of data and records.

Risk appetite

Risk Appetite is a method to help guide an organisation’s approach to risk and risk management. The level of risk that an organisation is prepared to accept, before action is deemed necessary to reduce it. It represents a balance between the potential benefits of innovation and the threats that change inevitably brings. Organisations have to take risk to make a profit, or deliver value to their stakeholders. The level of risk they pursue is their appetite for risk. But they may be able to tolerate, or absorb, a different level of risk without significant impact on achieving their strategic objectives. This is their tolerance.

The appropriate level will depend on the nature of the work undertaken and the objectives pursued. For example, where public safety is critical (e.g. operating a nuclear power station) appetite will tend to be low, while for an innovative project (e.g. early development on an innovative computer program) it may be very high, with the acceptance of short term failure that could pave the way to longer term success.

Risk importance

Define the risk importance that is used as a measurement instrument when assessing risk. This indicates the seriousness of the risk materialising, and can for example scored on a scale of 1 – 5. The higher the value of importance (1=Negligible and 5=Catastrophic), the higher is the risk.

Risk Sub-Type level 1

This field defines the next level of classification of the selected risk type. (For example: Risk type = Financial, Sub types level 1 = Accountability, Strategy and External). There can be multiple sub types for a risk type.

Risk appetite

See definition under the Risk type = Risk appetite.

Risk importance

See definition under the Risk type = Risk importance.

Sub-type level 2

Define a unique identifying code for a risk sub-type. This field defines the next level of classification of the selected risk type and sub type level 1. (For example: Risk type = Financial, Sub types level 1 = Accountability, Sub types level 2 = Fraud, Misrepresentation, Incompetent). There can be multiple sub types for a risk type.

Risk appetite

See definition under the Risk type = Risk appetite.

Risk importance

See definition under the Risk type = Risk importance.

Impact

This field defines the impact and is the effect a risk has if it does occur. It can also be defined on a relative scale or mathematically. The definition for impact is developed during risk management planning. The team documents in the project management plan detail how probabilities and impacts are measured. For example, a red/yellow/green scale might be used, where high-probability, high-impact risks are red; low-probability, low-impact risks are green; and so forth. A probability and impact matrix can also be used.

Risk impact defines the assessment of the process for assessing the probabilities and consequences of risk events if they are realised. The results of this assessment are then used to prioritise risks to establish a most-to-least-critical importance ranking. Ranking risks in terms of their criticality or importance provides insights to the project's management on where resources may be needed to manage or mitigate the realisation of high probability/high consequence risk events.

Likelihood

Likelihood is the chance that something might happen or re-occur. Likelihood can be defined, determined, or measured objectively or subjectively and can be expressed either qualitatively or quantitatively (using scale calculations). This represents the likelihood of the risk materialising, and can for example scored on a scale of 1 – 5. The higher the value of likelihood (1=Rare and 5=Almost certain).

Priority

Risk priority is per definition the rating resulted by combining the assessed likelihood of a risk to occur (i.e. risk probability) and its projected impact.

Stakeholder

A stakeholder is a person or an organisation that can affect or be affected by a decision or an activity. Stakeholders also include those who have the perception that a decision or an activity can affect them.

Date/time reported

This field defines the date/time that the risk was raised in the system.

Date/time observed

This defines the date/time that the risk was observed or discovered.

Plan duration

This field defines the period planned to resolve/review this risk. The duration period unit of measurement is setup as a risk action.

Plan UOM

This field defines the unit of measure that will be used to define the duration period.

Earliest resolution

The field defines the earliest date that the risk will be resolved if all the risk actions are run in parallel with each other.

Latest resolution

The field defines the latest date that the risk will be resolved if the risk actions runs one after the other.

Status action

This field defines the status action of the risk, and indicates in what state the risk is.

Stage risk

This field can be used if the different status actions have various stages assigned on which you want to work/report.

Impacted service lines

This grid is displayed only in the line view of the form.

Button

Description

Add line

Use this to add another service line that can be impacted by risk that was raised.

Remove

Use this to remove a service line that can be impacted by risk that was raised.

Field

Description

Service type

Select from the drop down the area that will be affected/impacted by the risk that was raised. Multiple service areas can be affected, and the service type differentiate between service catalogue areas, objects or resources.

Service code

This field defines the service type of type = service catalogue and select from the pre-defined service catalogue the code.

Type of resource

This field defines the resource type that will be impacted by risk. (For example resource type = Trade)

Resource code

This field defines the resource code that will be impacted by risk. (For example resource code of trades = mechanic)

Object code

This field defines the object that will be impacted by risk. (For example object type = Vehicle)

Structure code

This field defines the structure position that will be impacted by risk.

Specific ID

This field is selected to define the specific asset that will be impacted by this risk.

Risk description

This field defines the description of the risk on the service line.

Date/time reported

This field is the date/time when it was discovered that the impacted service line will be affected by the risk.

Line details

This tab is displayed only in the line view of the form and is the line details for the impacted service line.

Tab

Field

Description

General

Risk Description

The description that defines the detail about the risk.

Setup

Organisation

This field defines the organisation that will be impacted by this risk.

Organisation structure

This field is the structure position of the organisation impacted by the risk.

Location code

This field defines the location that will be impacted by this risk.

Location structure

This field is the structure position of the location impacted by the risk.

Planned duration (hours)

This field defines the planned duration for this risk actions to be completed.

Planned UOM

This defines the unit of measure that will be used to calculate the planned duration for the risk actions to be completed.

Actual duration

This field defines the actual duration for this risk actions to be completed.

Actual UOM

This defines the unit of measure that will be used to calculate the actual duration for the risk actions to be completed.

Header View

This detail is displayed only in the header view of the form.

Fast Tabs

Field

Description

General

Risk Description

This is a short detailed description to define the risk.

Status action

This field defines the status action of the risk, and indicates in what state the risk is.

Stage risk

This field can be used if the different status actions have various stages assigned on which you want to work/report.

Specification

Impact

This field defines the impact and is the effect a risk has if it does occur. It can also be defined on a relative scale or mathematically. The definition for impact is developed during risk management planning. The team documents in the project management plan detail how probabilities and impacts are measured. For example, a red/yellow/green scale might be used, where high-probability, high-impact risks are red; low-probability, low-impact risks are green; and so forth. A probability and impact matrix can also be used.

Risk impact defines the assessment of the process for assessing the probabilities and consequences of risk events if they are realised. The results of this assessment are then used to prioritise risks to establish a most-to-least-critical importance ranking. Ranking risks in terms of their criticality or importance provides insights to the project's management on where resources may be needed to manage or mitigate the realisation of high probability/high consequence risk events.

Likelihood

Likelihood is the chance that something might happen or re-occur. Likelihood can be defined, determined, or measured objectively or subjectively and can be expressed either qualitatively or quantitatively (using scale calculations). This represents the likelihood of the risk materialising, and can for example scored on a scale of 1 – 5. The higher the value of likelihood (1=Rare and 5=Almost certain).

Priority

Risk priority is per definition the rating resulted by combining the assessed likelihood of a risk to occur (i.e. risk probability) and its projected impact.

Stakeholder

A stakeholder is a person or an organisation that can affect or be affected by a decision or an activity. Stakeholders also include those who have the perception that a decision or an activity can affect them.

Origin

Reported by

This field defines the detail of the person who reported the risk.

Date/time reported

This field defines the date/time that the risk was reported on the system.

Observed by

This field defines the detail of the person who observed the risk.

Date/time reported

This field defines the date/time that the risk was observed.

Analysis

Monetary loss

This field defines the monetary loss scoring that indicates the level of loss.

Business loss

This field defines the business loss scoring that indicates the level of loss.

Risk cause

This field defines the cause of the risk. Select from pre-defined causes.

Effect

This field defines the effect of the risk on the business.

Duration response

This field defines the duration for the risk to be investigated/resolved.

UOM code response

This field defines the unit of measure that was used to define the duration time.

Referred risk

This field defines if the risk was referred for further investigation.

Plan UOM code

This field defines the unit of measure that was used to define the planned duration time.

Review date

This field defines the date when the risk should be reviewed for further action.

Resolution

Cost

This field defines the cost value to resolve the risk that was raised.

Currency code

Select the currency code to define the cost value of the risk.

Actual duration

This field defines the actual time for the risk to be resolved.

Actual UOM code

This field defines the unit of measure that was used to define the actual duration time.

Completed date

This field defines the date/time that the risk was completed.