GRC Risk Management - Risk appetite
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-14-2024 09:31 AM
Hello, in order to show the risk appetite status in the risk record or risk assessment (i.e. inside appetite - green, outside appetite - amber, outside tolerance - red), we have to link our risk appetite scale to the Qualitative Rating Criteria under Risk Assessment Methodology. However, our risk appetite scale does not match with our risk rating criteria (please see it attached), so we have risks where the risk appetite status is showing as "outside appetite", where it should be "inside appetite" (for example, risks with risk appetite Averse 1-5 scored 5 and risks with risk appetite Cautious 6-10 scored 10 are reported as "outside appetite" where they are "inside appetite"). Please can you advise if there is another way to set this up, without linking the risk appetite scale to the risk rating? Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-16-2024 09:26 PM
Hi @robertaz ,
There are two properties, which contributes here:
Define risk appetite as
sn_risk_advanced.risk_appetite_scale |
Option to select the risk appetite type:
Note: Only one property between the Define risk appetite as and Express risk appetite in can be configured at a time. Configure a property first, save it, and then configure the other property.
|
Express risk appetite limits in
sn_risk_advanced.risk_appetite_analysis |
Option to select risk appetite scale:
Note: Only one property between Define risk appetite as and Express risk appetite in can be configured at a time. Configure a property first, save it, and then configure the other property
|
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-18-2024 08:56 AM
Hi Sandeep,
Thank you for your reply.
We have already set up properties for
- sn_risk_advanced.risk_appetite_scale as Risk appetite and risk tolerance (2-point scale)
- sn_risk_advanced.risk_appetite_analysis as qualitative term only. When you say "The risk ratings are compared with the qualitative appetite and tolerance to calculate the qualitative appetite status", we have to link the risk appetite scale to the risk rating scale under the risk assessment methodologies. But these two scales do not match, there is not 1 to 1 relationship as per screenshot attached above. For example a medium risk (risk score 5-9) in the risk rating is linked to 2 risk appetite scales (Adverse 1-5 and Cautious 6-10). Is there any other way to calculate the qualitative appetite status (without linking the risk appetite scale to the risk rating)?
Many Thanks.
Regards,
Roberta