The Risk Aspect module form is configured with 4 main Tabs or sections:
1.The General Tab contains information about the failure (generic for incident, breach, non-conformance). The assessment calculation tool (pre and post mitigation results) is designed for rating or assessing a specific aspect of the Risk identified and associated in the Risk Assessment Table. Therefore, a one to many relationship exist between the Risk (parent table) and the Aspects (child table).
2.Tab 2) contains fields for additional consequences.
3.Tab 3) contains fields for mitigation or risk treatment actions.
4.Tab 3) contains a method of generating risk impact statement based upon availability, confidentiality, integrity and financial effect.
1) General tab
A.In the form image below, Describe the failure and the failure mode.
B.Describe what may cause the failure and the failure effect.
C.The impact values for calculating the Risk Priority Number (RPN) (pre-mitigation treatments); see the look-up table for impact values: RPN = Probability (P) * Severity (S) * Detection (D)
D.The impact values for calculating the Risk Priority Number (RPN) (post-mitigation treatments);
E.Look-up Tables for Response to Risk Aspect and the current/last Status of the Risk Aspect.
F.The RPN can report the pre or post-mitigation action [√] RPN Post Mitigation Action is check-box.
See the Terminology used in Risk Assessments.
Online Internal Auditor Training Course ISO Management Systems
+1 800 644 2056