Skip to Content

Creating risk & compliance documents

The highest risk can be identified, and documented with priority for controls, policies, and procedures that can be noted in the compliance plan.

This topic guides you on how to submit and edit risk & compliance documents.

To create and edit a risk & compliance document

  1. Log in Portfolio Management application.
  2. Open the Demand, Project, Program, Portfolio or Requirement, where you want to create the new document.
  3. Go to the Related tab and click New.

  4. On the Create Document page, enter the values for the following fields: 

    Field

    Description

    Document Type

    Select Risk & Compliance.

    Index

    This field allows maintaining the indexing of documents. 

    Summary 

    Enter a Summary of the Document which will describe the objective. 

    Visible in Portfolio

    Values: Yes, No. If 'Yes', the document is listed on the related tab of the portfolio.

  5. Click Create.
  6. The new document is created in Draft status.
  7. For adding the document's details, click on Summary from the list.

  8. On Specify Document page details, add the data required in the corresponding fields: 

    Field

    Description

    Risk Description

    Enter a description of Risk which will describe the objective.

    Base Value

    The base value is defined as the likely cost of the planned project if no significant problems occur. 

    Number of Risk Items (NI)

    The number of items at risk. This ranges from '1-1000000'

    Total Value

    Calculated: Base Value * Number of Risk Items

    Asset Value

    In order to figure out the value of assets, individual business managers must be consulted. Analysts who specialize in business systems.

    Exposure Factor

    The exposure factor is represented in the impact of the risk over the asset, or the percentage of asset lost.

    Single Loss Expectancy (SLE)

    Calculated as: Asset Value * Exposure Factor

    Annualized Rate of Occurrence (ARO)

    The probability that a risk will occur in a particular year

    Uncertainty

    Uncertainty refers to situations under which either the outcomes and/or their probabilities of occurrences are unknown to the decision-maker.

    Annualized Loss Expectancy (ALE)

    Calculated as: SLE * ARO * Uncertainty

    Risk Type

    Values: Asset Risk, Functional Risk, Security Risk

    Safeguard Costs

    Safeguard cost = ALE (before implementation of safeguard) - ALE (after implementation) - the annual cost of the safeguard.

    This results in the ROI.

    Implement Safeguard Recommendation

    Values: Red, Amber, Green

    Attachment

    Can associate attachments, and videos for more information on documents.

  9. Click on the Save action button to save the changes. Once required information based on document type is added it goes into Defined status. 


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Portfolio Management 22.1