Risk Control Configurations and Settings

Navigate to Home > Framework > Risk Settings Field Configuration

This section allows Risk Administrators to customize the fields which are made visible within the different phases of risk assessments and risk control.

Screen Type Selection

A drop-down ‘Select Screen Type’ is introduced as shown above. ‘Risk’ and ‘Risk Controls’ will be included as the list items in the drop-down. By default ‘Risk’ will be selected in the drop-down displaying the existing risk field configuration screen.

Selection type drop-down will be visible only when risk control feature is activated.

When ‘Risk Control’ is selected from the drop-down list, the screen will load as below:

The field ordering is priotized to the ‘Control Detail’ screen. Control grid in risk detail assessment  and control register will follow the same order as in the control detail screen (based on the field visibility).

The Label names, and field mandatory also can be configured using this screen and applied to all areas of the control feature.

The Field visibility can be configured for the following areas:

Note : ‘Control title’ is ticked and disabled, and this is a mandatory field in all the above areas.

The following standard and custom field are included in the control configuration screen :

Field Name

Field Type

Required/Optional

Control Title

Text field

Required

Control Type

Drop-down

Note: list items can be included from the ‘custom list’ area

Optional

Control Owner

Staff drop-down

Optinal

Control Owner Rating

Drop-down

Note: Rating configured from Rating Type>Risk Control screen

Optional

Control Authorizer

Staff drop-down

Optional

Control Authorizer Rating

Drop-down

Note: Rating configured from Rating Type>Risk Control screen

Optional

Control Solution Grid

Standard Solution Grid

Note: Visibility can be configrued in control detail and quick update

Optional

Control Review Date

Date field

Optional

Control Next Review Date

Date field

Optional

Control Comment

Multiline text field

Optional

Control Authorizer Comment

Multiline text field

Optional

Control Directorate

Directorate drop-down

Optional

Control Business Unit

Business Unit drop-down

Optional

Control Service Profile

Service profile drop-down

Optional

Risk #

Risk Code

Note: this is non-editable and taken from the risk which the control is linked to

Optional

Risk Title

Risk title

Note: this  field is non-editbale and taken from the risk which the control is linked to

Optional

Risk Directorate

Directorate

Note: this field is non-editable and taken from the risk which is risk is linked to

Optional

Risk Business Unit

Business unit

Note: this field is non-editable and taken from the risk which is risk is linked to

Optional

 

Current Risk Rating

Risk Rating

Note: this field is non-editable and taken from the risk which is risk is linked to

Optional

10 Custom text fields

Singlelin text

Optional

10 Custom text fields

Multiline text

Optional

18 Custon list fields

Single select list

Optional

5 Date controls

Date fields

Optional

5 Numeric fields

Number fields

Optional

 

Control Directorate, Control Business Unit, Control Service Profile fields

Directorate, Business Unit, Service Profile fields are optional, where admin has the ability to configure. When there are more than one activated check the following;

When higher level is in ‘please select’ then lower level field will be populated with all fields (please select to be default). E.g. when directorate and business unit is activated. When Directorate field is in ‘please select’ then business unit field will populate all Bus with ‘please select as default).

When a node is selected in higher level, then lower level content will be filtered based on that selection. E.g. when a directorate is selected, the only the BU’s attached to that directorate will be displayed for BU field (where please select as default).

CUSTOM LIST CONFIGURATION

Home > Framework > Risk Settings > Custom Lists.

‘Control Type’ which is a standard control field will be included here. Visibility of this field will display only when ‘Risk Control’ feature is activated. Both the existing and new custom lists can be used for both Control and Risk areas. The newly available 10 Custom Lists will be included in the risk field configuration (except for control type).

RISK CONTROL GRID CONFIGURATION IN RISK ASSESSMENT

Framework> Risk Settings> Field Configuration> Risk type

This allows the administrator to configure the visibility of the Control grid in the risk assessment area.

RISK CONTROL RATING

Home > Framework > Risk Settings > Rating Type> Risk Control Selection

For each of the Control Type rating, you may enter a name and associate an image with it which will be used throughout the system. A colour for the control rating can be selected by clicking on the colour palette and then clicking on one of the colours available.
 

 

EMAIL TEMPLATE

Navigate to Administration>Risk Administration>Email Template.

Following control related email snippets are included for the administrator to configure

·         Control Title

·         Control Type

·         Control owner

·         Control Authorizer

·         Control Owner original rating

·         Control owner revised rating

·         Control authorizer original rating

·         Control authorizer revised rating

·         Control solution owner

·         Control solution next update

·         Control solution end date

·         Control solution completed date

EMAIL BUSINESS RULES

Navigate to Home > Administration > Risk Administration > Email.

Control related email business rules included in the email area for administrator to configure.


The following new business rules related to risk control feature is included;

Column

Description/Instructions

Email Timeframe


Control Solution Next Update: Allows you to define the time frame as number of days before or after the next update date entered in the solution. Select before/after from the drop-down and define the number of days in the text box. For example, if you required the email to be sent to recipients 2 days prior to the next update, select ‘before’ and enter number as ‘2’.

 

 

Risk Control Creation: Selecting this option will send out an email upon creation of a risk control.

 

Control Owner Rating Change: Selecting this option will send an email upon owner rating change.

 

Control Authorizer Rating Change: Selecting this option will send an email upon authorizer rating change.


Control Solution Creation: Selecting this option will send the email to the recipients on the day the control solution created.

 

 

Control Solution End Date: Selecting this option will send an email on the date the control solution is ending.

 

Control Solution Completed Date: Selecting this option will send an email on the date the risk solution is completing.

Recipient

Control Owner

Control Authorizer

Control Solution Owner

 

Risk Control Rating (new column)

Tick the required boxes to generate reminders only for risk controls  that have the particular risk control rating/s.
 

 

 

 

 

 

Copyright © 2014-2015 CAMMS Online Help. All rights reserved.

Last revised: November 26, 2017