Create or Edit a risk

After a Promaster or Risk Manager has configured the required settings for the Risk and Compliance Module for a Nintex Process Manager site, the Risk Manager for a Portfolio, Risk Owner and Promasters can create or edit a risk. For more information, see configure settings.

Video: Create or edit a risk

Create a new risk

  1. Do one of the following:
    • On the main navigation bar, go to Risks > Create a new risk.
    • Go to Risks > Register > Add a risk.
  2. In the New Risk dialog box, complete the fields described below.
  1. Select a Portfolio for the risk assignment. Click + to assign any number of additional portfolios.

  2. (Optional) Select a Classification for the risk. Click + to assign any number of additional classifications.

  3. Type a Risk/Compliance Title. The recommended title format is ‘bad outcome’ then ‘cause’. For example, ‘Organisation is exposed to financial loss due to failure to renew Public Indemnity insurance or renew it with adequate cover’. This field has a character limit of 1000 characters.

  4. Type a Risk Description to provide more information about the nature of the risk, and list items affected by the risk. For example, a process objective/project objective, a compliance requirement/objective, a strategic objective. You can also describe the possible outcome if the risk is not managed with treatments. This field has a character limit of 3000 characters.

  5. Add a Risk Owner to delegate the risk ownership to a different person. A Risk Owner can edit assigned risks, sign-off treatments when overdue and are notified of the escalated sign offs in the same manner as the Risk Managers.

  6. Complete the risk rating criteria: Likelihood, Severity, and Control Effectiveness. Hover over ? to view the rating criteria descriptions. If a risk is associated to multiple portfolios, clicking on ? and then hovering over it again will toggle between the different rating criteria.

  7. If Severity sub-categories are enabled, select a value for the relevant sub-categories. At least one sub-severity must be assigned a value (i.e. not left as 'Not Applicable').
  1. Click Save.

Note: The risk will be automatically allocated a number, for example, R00019. The risk number is a system generated value and cannot be customised.

Edit a risk

  1. Go to Risks > Register. Risk items can be viewed and edited in the Register. You must have edit rights to the assigned portfolio to edit a risk.
  2. Hover over the risk you want to edit and click edit.
  3. Make the required changes and click save
  4. Type a Change Description and click OK.

Delete a risk

  1. Go to Risks > Register.
  2. Hover over the risk you want to delete and click edit.
  3. Click delete.
  4. Click Yes to confirm.

Note: If there are completed sign-offs or completed process changes associated to the risk then it will be deactivated, otherwise it will be deleted. Deactivated risks can be viewed from Risks > Audit History by selecting the Show Deactivated check box. If you select the Show Deactivated check box, only the deactivated risks are displayed.

Import risks

You can create multiple risk items at the same time using the Import Risks feature available on the Risks > Register page.

  1. Go to Risks > Register > settings> Import Risks.
  2. In the Import Risks dialog box, click excel to download the template.
    Note: 
    • include a key/reference number in the first column to update the data for an existing risk.
    • use ; (semi-colon) to separate multiple Portfolio or Classification values.

    • you cannot import treatments.

  3. Click Choose File and select the file to import.
  4. Click Import.

View risk change log

To access the change log for a risk, its associated treatments, sign off records, and process changes:

  1. Go to Risks > Register.
  2. On the risk summary, you can view the following:

    • Signoff History: Displays the Audit History page.

    • Change Log: Displays the Change Log page.