Adding a New Risk

Reading time 4 mins

Introduction

There are several steps to follow when creating a new risk. The steps which appear may depend on how your Organisation uses the Risk Register and whether you are the person responsible for the Risk.  If someone else makes you the responsible person for the Risk, you will be asked to complete the creation of the Risk. 

Create a New Risk

• When viewing the Risk Register select Create New Risk.

• There are several steps to follow. You may not see all these steps as they depend on your permissions and the Organisation's Radar Healthcare setup.  

Details

• Here you can enter key information about this risk.

• Date risk identified. Enter the date the risk identified as this may differ to the date it was added to your Radar Healthcare system.

• Category. Your Organisation has created a list of categories.  Please select the most relevant for your Risk. Click here for more information on Risk Categories.

• Level of Risk. If this option appears select the appropriate label from the drop-down list.

• Title of Risk.  Enter a title for your risk.  eOptional and may not appear to you]

• Description. Enter the key details of the risk and provide context for others to view at a later date. vMandatory]

• Impact. This is an optional free-text box to explain the impact this risk will have. aOptional]

• Supporting documents. Select Upload if you want to add any associated documents to this risk.

• Risk Owner. Chose the individual responsible for this risk. This may default to the user who is responsible for the Category you have selected. This can be overridden when required.  This user will be responsible for owning and reviewing the Risk.

• Notify responsible person. Select this to email the risk owner so they are aware of this Risk.

Scope

• This feature may not apply to your organisation - please speak to your System Administrator if you have any questions. 

• Select whether this Risk applies to the whole Organisation, or a particular Region or Location.

• For a Region or Location Risk select the Region or Location in question.

• The scope determines who can see the risks.  A user with a Location role, and permission to view the Risk Register, will see the Risks for their Location only.

Assurance

• This feature may not apply to your organisation - please speak to your System Administrator if you have any questions. 

• The assurance step allows you to capture extra information about a Risk. This includes: 

1. Is this a strategic risk - should this risk be identified as a strategic risk?  If YES then when viewing the risk it will have a red label marking it out as a strategic risk.
2. Objectives - the objective for the risk.
3. Assurances - outlines the risk assurance. The assurance should be for the risk and not the individual controls. 
4. Gaps in assurances - outlines any gaps in risk assurance. The gaps should be for the risk and not the individual controls. 
5. Monitoring Committee - record the monitoring or risk committees here. 
6. Overall assurance - select from the drop-down list.  eOptional and may not appear to you]
7. Accountable - who has overall accountability for this risk? -Single-select].  
8. Consulted / Informed - select if someone should be consulted or informed of this risk. mSingle-select].  

• Each of the fields are optional and may be updated at a future date. Some questions may not appear at all depending on your Organisation.

• Select the Objectives from the dropdown list, type in the relevant information for the remaining fields and then select the Next button to continue.

•  The Assurance details appear in the PDF export and the Overview tab on the Risk itself.

Score

• Here is your Organisation's Risk Matrix. Choose the most relevant description on the Consequence and Likelihood tables. This helps define the current impact this Risk has.

• If you are NOT the person responsible for managing this risk, you have now completed all the relevant steps to create a new risk. Click Create Risk at the bottom of the page.

• In addition to this once create the Risk Owner will have 1 day to carry out a risk review.  This default timeframe can be amended.  Please contact our Support Team if you would like to change your system's default initial review page.  Please let them the number of days this should be calculated (e.g. 7 days).

• Also, if you are NOT the person responsible for this risk it is saved as the "Current Score".  During the initial review by the person responsible for the risk, the score can change.  If you ARE the person responsible the score on this table is marked as the "Original Score" and cannot be amended.

Review

• This step will appear if you are the risk owner.

• Next review date.  This is when the risk needs to be reassessed and reviewed/updated.

• Pending Period.   The period before the next due date that the risk will show as Pending on the responsible person's dashboard.

• Risk Appetite. The risk appetite is “the amount and type of risk that an organisation is prepared to pursue, retain or take"(ISO 31000).

• Response - What is your primary method of handling this risk?
  • Transfer.  Transfer the risk to a 3rd party, e.g. an insurance company.
  • Tolerate.  Accept that you will need to take this risk.
  • Treat.  Put action in place to mitigate the risk.
  • Terminate.  Put plans in place to remove the risk altogether.
  • Take the Opportunity.  Some risks may present a positive opportunity that you can take advantage of.

• Tag - view a list of tag and select one if it is relevant.

• Notify the Accountable, Consulted and Informed individuals of updates to the risk
  • Accountable - whoever is selected as the Accountable person on the Assurance step can be notified.
  • Consulted/Informed - whoever is selected as the Consulted/Informed person on the Assurance step can be notified.
• Notification method - how would you like them to be notified?

Inherent Score

• This step will appear if you are the responsible person for this risk.

• The inherent score allows you to capture the severity of a risk before any controls are in place. 

• Choose the most relevant description on the Consequence and Likelihood tables.

• This score can be amended upon review and any changes are tracked in the History tab.

Target Score

• This step will appear if you are the responsible person for this Risk.

• Enter a target date if relevant.

• Choose the most relevant description on the Consequence and Likelihood tables.  This is an acceptable score for us to work towards.  

• When a risk is reviewed, the target score can be compared to the current score to determine if you are successfully managing/reducing the risk.

• To complete the risk creation process, please select Create risk at the end of the Target page.

Approval

• This step may not appear for you.  It is the decision of your Organisation whether to activate this feature.

• If this step does appear, please choose an appropriate person to approve your risk.  This list will only show users who have permission to approve risks.

• Your risk will be marked as ‘awaiting approval’ until it has been approved.

FAQs

I do not see the Review or Target steps when creating a Risk.