Define the risk appetite for an entity

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Define the risk appetite on the entity records in the Risk Management application to evaluate all the possible risks and to set the boundaries for the acceptable and unacceptable risks for your business.

    Before you begin

    Role required: sn_risk.user

    About this task

    Entity owners can define the risk appetite and tolerance and then copy the qualitative risk appetite to the downstream entities. By doing this task, a business can define and manage an action plan when there's a breach. By defining the qualitative (numerical scale and ratings) and quantitative (monetary value) appetite, a risk user can understand the risk appetite and take decisions. For more information on the risk appetite and tolerance, see Risk appetite and tolerance in Advanced Risk.

    Procedure

    1. Navigate to All > Risk > Risk Workspace.
    2. Select the list icon List icon. and navigate to the entity.
    3. Define the risk appetite for a new or an existing entity:
      • To define the risk appetite for a new entity, select New.
      • To define the risk appetite for an existing entity, select and open the required entity record.
    4. On the entity form, select the Risk Appetite section and fill in the fields.

      For a description of the field values, see Risk appetite fields on the Entity form.

    5. Select Save.
    6. Optional: To copy the qualitative appetite to the downstream entities, select the more actions icon More actions icon. on the form and select Copy qualitative appetite.
      Important:
      You can only copy the qualitative appetite and tolerance to downstream entities when the risk appetite of the downstream entity isn’t overridden. You must define the quantitative appetite and tolerance for each level in the hierarchy.