Skip to main content
Mitratech Success Center

Client Support Center

Need help? Click a product group below to select your application and get access to knowledge articles, webinars, training content, and release notes or to contact our support team.

Authorized users - log in to create a ticket, view tickets status and check your success plan details.

 

Risk History

  1. Last updated
  2. Save as PDF

History At The Risk Level

Users of OpRiskControl are able to record notes about a Risk using the Risk History form. In addition, many records are written automatically to the Risk history file as specified on the System Settings page. Apart from the history file, all changes are written to an Audit file in case forensic analysis is required.

Whenever a Risk is reviewed, a record is written to the history file showing the new likelihood, consequence and Risk rating. This will happen if either the likelihood or consequence or Risk review date is changed. The automatic record will use the current date, a history type of Risk Review, and the current Risk recorder’s name.

image

Date

Required: Enter the date the comment was entered. It should default to the current date, but can be altered and back-dated (subject to organisational standards).

History Type

Required: Select the history type from the list. There are example history types already created, but if you need different history types, ask your System Administrator to set them up for you.

Follow Up

Optional: If there is to be a follow-up, enter the date due. This field is interrogated by the Alert Reminders program.

Recorded By

Required: Select the comment recorder (user who records the comment) from the User list.

Comment

Required: Enter any appropriate comment. There is space for 255 characters.

Risk Rating History

Apart from Risk Change History there is a separate page to log Risk rating changes specifically. There is a drop-down on the right to select Inherent, Residual or Target Residual rating changes with the last change at the top of the page.

image

The system logs any change of Inherent, Residual or Target Residual rating on the main Risk form.

The system logs any change of Residual or Target Residual rating due to Mitigation Actions, provided Residual Override is not active on the Risk.

Any Risk Status not Open and any Note that has been edited will be highlighted in yellow to draw attention to them.

The Score is determined by the System Settings Formula for Rating Score.

If your Asset Types are exactly the same as your Consequence Matrix column headings then the system will retrieve the Consequence Description for the relevant Consequence Level, else the Consequence Name only is displayed (as shown above).

As well as logging changes in Consequence at the Risk level, the system is capable of logging changes to specific areas of Consequence (i.e. columns in the Consequence Table) if Consequence Factors has been activated on any Risk.

If you are using Consequence Factors that are exactly the same as your Consequence Matrix column headings then the system will retrieve the Consequence Description for the relevant Consequence Level.

History At The Action Level

History about mitigation Actions (treatments or existing controls), can be logged with the Action that it relates to, and/or with the Risk it relates to. Select an Action from the Action grid and click the History link.

image

The amount of Action History which is logged (and where it is logged – on the Risk History tab, or by clicking the History link as described above, or both places) is determined by the settings on the History tab.

note.gif

Note For Administrators: Select the System tab, then select System Settings and select History.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.