Reviewing and Updating Risks
Risks within the Risk Register should be regularly reviewed and update to match any increase in likelihood or impact to the business. They can be examined in more detail within the OneClickComply platform by selecting Review on the associated risk, as shown below:
Once selected, a new page will be opened, expanding on the different categories that the risk is broken down into. For a refresher on these categories, click here.
Let's have a look at an expanded version of the above task:
This risk, an outdated server, can now be examined in more detail. Let's look at the four new sections on this page:
Risk Description: A more in-depth explanation of the risk e.g what the risk is, the potential damage to the business, or any other important details.
Mitigation Strategy: Allows users to detail the steps that the business has taken, or will take, in order to reduce the impact on operations.
Review Frequency: Lists how regularly the business should go back and review this risk.
Documentation: An area for users to upload documentation that is relevant to this risk. For example, an insecure network could have the results of a penetration test attached to evidence the fact that the business is aware of the need to secure it.
If needed, risks can be updated by selecting the Update button when reviewing a task in greater detail. This will open a new window and allow users to modify the information associated with the risk, and attach any documentation as required.
Once selected, a new page will be opened, expanding on the different categories that the risk is broken down into. For a refresher on these categories, click here.
Let's have a look at an expanded version of the above task:
This risk, an outdated server, can now be examined in more detail. Let's look at the four new sections on this page:
Risk Description: A more in-depth explanation of the risk e.g what the risk is, the potential damage to the business, or any other important details.
Mitigation Strategy: Allows users to detail the steps that the business has taken, or will take, in order to reduce the impact on operations.
Review Frequency: Lists how regularly the business should go back and review this risk.
Documentation: An area for users to upload documentation that is relevant to this risk. For example, an insecure network could have the results of a penetration test attached to evidence the fact that the business is aware of the need to secure it.
Updating risk details
If needed, risks can be updated by selecting the Update button when reviewing a task in greater detail. This will open a new window and allow users to modify the information associated with the risk, and attach any documentation as required.
Updated on: 28/02/2025
Thank you!