Articles in this section

See more

Content Customisation - Risk Methodology Management

Anthony Quinn
  • Updated
Follow

Platform: Risk Assessment

Applies to: Super Admin and Company Admin Users

The purpose of this feature is to allow the Super Admin and Company Admin users to select from a series of out-of-the-box Risk Assessment Methodologies, or create bespoke methodologies based on organisational specific risk management framework requirements.

The Risk Assessment Methodology allows customisation of:

  • Inherent Risk Ratings and Inherent Risk Matrix
  • Residual Risk Ratings and Residual Risk Matrix
  • Control Effectiveness Ratings and Control Effectiveness Matrix
  • Control Metric Ratings
  • Country Risk Ratings
  • Rounding Tolerance

Methodologies that are available out-of-the-box (Global):

  • Arctic Global 4 x 4 Methodology
  • Arctic Global 5 x 5 Methodology
  • Arctic Global 6 x 6 Methodology

mceclip0.png

Methodology Dependencies

When creating App Setup content, the first step is to decide whether to use the global methodologies or create a bespoke methodology for the company.

If a bespoke methodology is required, it must be created and finalised first, before any other App Setup content is created, such as Answer Sets and Risk Models as they are dependent on the Methodology.

A methodology must be published before it can be used in the creation of other App Setup content.

While a methodology is used by any Answer Sets, Risk Models, or Assessments, it cannot be unpublished or editted. If a methodology needs updating, you must either:

  • Delete (not Archive) all the dependent assets, such as Answer Sets, Risk Models, Assessments; OR
  • Create a new methodology by copying the published one.
    Note: Creating a new methodology will require the re-creation of all the content dependent on the original methodology to also be recreated, such as Answer Sets and Risk Models.

For more information, see FAQ: What are the dependencies for App Setup content, such as the Risk Model or Methodology?

The Methodology Page

There are two tabs on the Methodology page:

  • Global - The Super Admin can work with methodologies in the Global tab. These methodologies are available to all companies.
  • Company - Company Admin users can work with methodologies in the Company tab. These methodologies are created by and maintained by the company admin for the company and are only available to that company.

Methodologies can have one of two statuses:

  • In Progress - The methodology can be changed. It is not available when creating Answer Sets, Risk Models, or Assessments.
  • Published - The methodology cannot be changed. It is available when creating Answer Sets, Risk Models, or Assessments.

Depending on the status of the methodology, and its dependencies, these functions are available:

  • Update - Use the Resume button (Button-Resume.png) to edit a Methodology with the status "In Progress".
  • Publish - Use the Publish button (Button-Publish.png) to publish a Methodology that is complete and requires no further changes.
  • View - Use the View button (Button-ViewSearch.png) to view details of a Methodology with the status "Published".
    Note: Only the Description of ratings can be edited in Published methodologies.
  • Unpublish - Use the Unpublish button (Button-Unpublish.png) to unpublish a methodology and make changes.
    Note: This function is only available for published methodologies that are not linked/used in Answer Sets, Risk Models or Assessments.
  • Action - Use the Actions button (Button-ActionMenu.png) to open the menu:
    • Methodology Details - Edit the name or description of the methodology
    • Delete Methodology - Delete a methodology that is In Progress, or Published with no dependent assets.
    • Archive Methodology - Archive a methodology that is Published and has dependent assets.

Note: A published methodology can only be unpublished if it is not linked to a Risk Model, Answer Set, or Assessment.

Example showing actions available to methodologies based on their status and dependencies:

mceclip1.png

Create a New Methodology

  1. Open the App Setup menu and select Methodology.
  2. Press the New Methodology button.
  3. Enter a name (required) and a description (optional).
  4. Select an existing methodology to copy from.
  5. Press the Create button.
  6. Complete all required fields in the Methodology Details window.
    Note: autosaves are triggered every time the focus leaves a field.
  7. Press the Publish button to finalise the methodology and make it available for use.

Update a Methodology

Open the App Setup menu and select Methodology.

Identify the in-progress methodology to be updated and press the Resume button (Button-Resume.png) to open the Methodology configuration page.

Note: Only methodologies with status In Progress can be updated.

The page automatically saves when the cursor focus changes.

When the configuration of the methodology is complete and it is ready to be finalised and used, press the Publish button.

Archive or Delete a Methodology

Open the App Setup menu and select Methodology.

Identify the methodology, open the Action menu (Button-ActionMenu.png) and select the appropriate action:

  • Delete Methodology - Available for methodologies with the status In Progress, or that are Published but not linked to any Models, Answer Sets, or Assessments
  • Archive Methodology - A methodology with status Published that is linked to a Risk Model, Answer Set, or Assessment can be archived. Press the Archive button to archive it.

Related articles

Comments

0 comments

Please sign in to leave a comment.