PartnerAlly Docs
Risks

Risk Details

Understanding the risk detail view and managing individual risks.

Risk Details

The risk detail view provides comprehensive information about a single risk. This guide explains each section and how to effectively manage risks.

Opening Risk Details

Access the detail view by:

  • Clicking a risk in the Risk Registry or Priority Queue
  • Direct URL - Each risk has a unique URL for bookmarking/sharing
  • From related items - Click risk links from gaps, workflows, or dashboards

Detail View Layout

The header shows:

  • Risk title - Primary identification
  • Severity badge - Color-coded severity
  • Status badge - Current status
  • Priority score - AI-calculated priority
  • Actions menu - Edit, workflow, delete options

Key Metrics

Quick-view metrics:

  • Risk Score - Likelihood × Impact
  • Days Open - How long since creation
  • Related Gaps - Count of linked gaps
  • Mitigation Progress - If a workflow exists

Information Sections

Overview

Primary risk information:

FieldDescription
DescriptionFull risk explanation
CategorySecurity, Compliance, etc.
Likelihood1-5 probability rating
Impact1-5 business impact rating
Risk ScoreCalculated L × I score
OwnerAssigned responsible person
CreatedDate risk was added
Last UpdatedMost recent modification

Assessment Details

Risk assessment information:

FieldDescription
Inherent RiskRisk without controls
Residual RiskRisk after controls
Control EffectivenessHow well controls work
TreatmentMitigate, Transfer, Accept, Avoid

Connected items:

Item TypeDescription
GapsLinked compliance gaps
ControlsControls that mitigate this risk
WorkflowsRemediation workflows
DocumentsRelated evidence/policies

Activity

Complete history:

  • Status changes
  • Property edits
  • Comments
  • Workflow updates
  • System events

Managing Risk Status

Status Options

StatusWhen to Use
OpenRisk identified, not addressed
MitigatingActive work underway
MitigatedRisk reduced to acceptable level
AcceptedFormally accepted with approval
ClosedNo longer relevant

Changing Status

Click Status Badge

Opens status change dialog.

Select New Status

Choose the appropriate status.

Add Notes

Document why the status is changing.

Save

Status updates and is logged in history.

Status changes are logged in the audit trail. Always add meaningful notes explaining the change.

Editing Risk Properties

What Can Be Edited

  • Title and description
  • Category
  • Likelihood and impact
  • Severity
  • Owner
  • Related items
  • Custom fields

Edit Process

  1. Click "Edit" button in header
  2. Modify desired fields
  3. Review changes
  4. Click "Save"

Bulk Editing

For multiple risks:

  1. Select risks in Registry view
  2. Click "Bulk Edit"
  3. Choose fields to update
  4. Apply changes

Risk Assessment

Initial Assessment

When adding a risk:

  1. Assess inherent risk (without controls)
  2. Identify existing controls
  3. Evaluate control effectiveness
  4. Calculate residual risk
  5. Determine treatment approach

Reassessment

Periodically reassess risks:

  • Quarterly for high/critical risks
  • Annually for medium/low risks
  • After significant changes
  • Following incidents

Assessment Documentation

Record in the risk:

  • Assessment date
  • Who conducted it
  • Methodology used
  • Findings and reasoning
  • Recommended actions

Risk Treatment

Treatment Options

TreatmentDescriptionWhen to Use
MitigateReduce likelihood or impactWhen controls can lower risk
TransferShift risk to third partyInsurance, outsourcing
AcceptAcknowledge and live withLow risk or cost prohibitive
AvoidEliminate the risk sourceChange approach entirely

Documenting Treatment

Record your treatment decision:

  1. Open risk details
  2. Edit treatment field
  3. Add treatment rationale
  4. Link mitigation activities

Creating Workflows from Risks

For risks requiring remediation:

Click "Create Workflow"

Opens workflow creation from risk context.

Configure Workflow

Set name, tasks, and assignments.

Workflow automatically links to the risk.

Start Workflow

Begin remediation activities.

Risk Comments

Adding Comments

  1. Scroll to Comments section
  2. Type your comment
  3. @mention team members
  4. Click "Post"

Comment Uses

  • Discuss risk with team
  • Document decisions
  • Share updates
  • Ask questions
  • Record meeting notes

Viewing History

Activity Timeline

The Activity tab shows:

  • All status changes
  • Property modifications
  • Comments added
  • Workflow updates
  • Who made each change
  • When changes occurred

Audit Trail

For compliance purposes:

  • Every action is logged
  • Timestamps are recorded
  • User identity captured
  • Changes cannot be deleted

Risk Scoring Deep Dive

Score Components

ComponentCalculation
Inherent ScoreLikelihood × Impact (no controls)
Control Factor% reduction from controls
Residual ScoreInherent - (Inherent × Control Factor)
Priority BoostAI factors (age, gaps, audit)

Score Interpretation

ScoreRisk LevelAction Required
17-25CriticalImmediate action
10-16HighPrompt action
5-9MediumPlanned action
1-4LowMonitor

Linking Items

Adding Gaps

  1. Click "Link Gap" in Related Items
  2. Search for gaps
  3. Select relevant gaps
  4. Save links

Adding Controls

  1. Click "Link Control"
  2. Search for controls
  3. Select relevant controls
  4. Note how they mitigate

Adding Documents

  1. Click "Link Document"
  2. Select from document library
  3. Or upload new document
  4. Explain relevance

Linking items creates a complete picture of the risk context and helps demonstrate due diligence during audits.

Exporting Risk Details

Export for reporting:

  1. Open risk details
  2. Click "Export"
  3. Choose format (PDF, CSV)
  4. Download file

Export includes:

  • All risk properties
  • Assessment details
  • Related items list
  • Activity history

Common Questions

Can I delete a risk?

You can, but it's not recommended. Instead:

  • Mark as "Closed" with explanation
  • Archive if feature available
  • Keep for audit trail

How do I transfer ownership?

  1. Edit the risk
  2. Change the Owner field
  3. Notify the new owner
  4. Document the transfer reason

What if I disagree with the assessment?

  1. Add a comment explaining your view
  2. Discuss with the risk owner
  3. Request reassessment if needed
  4. Document the final decision

Next Steps

Adding Risks

Learn how to add new risks to your Risk Registry.

Crypto-Specific Risks

Understanding and managing cryptocurrency and blockchain-related compliance risks.

On this page

Risk DetailsOpening Risk DetailsDetail View LayoutHeaderKey MetricsInformation SectionsOverviewAssessment DetailsRelated ItemsActivityManaging Risk StatusStatus OptionsChanging StatusClick Status BadgeSelect New StatusAdd NotesSaveEditing Risk PropertiesWhat Can Be EditedEdit ProcessBulk EditingRisk AssessmentInitial AssessmentReassessmentAssessment DocumentationRisk TreatmentTreatment OptionsDocumenting TreatmentCreating Workflows from RisksClick "Create Workflow"Configure WorkflowLink to RiskStart WorkflowRisk CommentsAdding CommentsComment UsesViewing HistoryActivity TimelineAudit TrailRisk Scoring Deep DiveScore ComponentsScore InterpretationLinking ItemsAdding GapsAdding ControlsAdding DocumentsExporting Risk DetailsCommon QuestionsCan I delete a risk?How do I transfer ownership?What if I disagree with the assessment?Next Steps