Skip to content
English
Customer portal
Go to formalize.com
  • There are no suggestions because the search field is empty.

Risks Mitigation - Manual

This article walks you through how you can apply a manual risk strategy in Formalize. 

Overview

The Risk module in Formalize provides a structured workflow for identifying, assessing, and managing risks. By combining configurable risk types, approval flows, mitigation fields, and custom fields, the module ensures flexibility while supporting consistent risk governance across the organization. 

Risk Strategy - Manual Mitigation

Within the risk, you can view and modify the risk strategy under the Version history section. The default setting is always Strategy Pending. To change the strategy, click on Update risk strategy.

In the newly opened window, you can choose between different strategies and make changes to the risk, including updating probabilities and consequences. The available strategies are:

  • Mitigate risk
  • Accept risk
  • Avoid risk
  • Transfer risk

Additionally, any previously created mitigation fields within the risk settings will be displayed here and must be completed with further information.

An article about risk settings can be found [here].

When updating a risk strategy, you can connect previously defined controls or tasks as mitigation connections. A side window will open where you can choose the relevant items by selecting the checkboxes. Alternatively, you can create a new task immediately.

In the following section, you can make manual changes to the risk, which will result in a new residual risk score once saved. The new risk version includes a matrix showing the risk score progression.

The newly saved risk strategy can also be found under Version history. You can access previous versions at any time by clicking on them.

Manual vs Calculated Mitigation

Formalize distinguishes between two broad approaches to handling risk mitigation:

  • Manual mitigation: where you manually define mitigation actions, controls, or processes to reduce risk. You decide what needs to be done, attach relevant mitigation measures, and set a new score for probability and consequence  manually.
  • Calculated mitigation: where risk reduction is modelled by Formalize when controls are implemented. In other words, once a control tied to a risk is implemented, Formalize automatically recalculates the residual risk by an overall set percentage, reflecting the lower probability or consequence. 

Common Questions

  1. Can the naming of 'Consequence' and 'Probability' be changed?
    No. The naming of  'Consequence' and 'Probability' cannot be changed. 
  2. What is the maximum size of the risk matrix?
    The risk matrix can range from 3×3 up to 7×7. It is configured within Risk Types by adjusting and modifying the levels of Consequence (x-axis) and Probability (y-axis). 



lea

by Lea Vietze, Solutions Engineering Team Lead

We hope this article was helpful in gaining more understanding of Manual Risk mitigation!

For any additional support, you are welcome to reach out with any questions by email, at support@formalize.com.