Skip to Content

Creating risk & compliance documents

The highest risk can be identified, and documented with priority for controls, policies, and procedures that can be noted in the compliance plan.

This topic guides you on how to submit and edit risk & compliance documents.

To create and edit a risk & compliance document

  1. Log in Portfolio Management application.
  2. Open the Demand, Project, Program, Portfolio or Requirement, where you want to create the new document.
  3. Go to the Related tab and click New.

  4. On the Create Document page, enter the values for the following fields: 

    Field

    Description

    Document Type

    Select Risk & Compliance from the dropdown.

    Index

    Enter the position number at which you want to place the document. This field helps maintain the indexing of documents.

    Summary 

    Enter a summary to describe the objective of the Document. 

    Visible in Portfolio

    Select from: Yes or No. If selected Yes, the document will be listed on the related tab of the portfolio.

  5. Click Create. The new document is created in Draft status.
  6. To add the document's details, click on Summary from the list.

  7. On Specify Document page details, add the data required in the corresponding fields: 

    Field

    Description

    Risk Description

    Enter a description of Risk which will describe the objective.

    Base Value

    Enter a base value (cost). The base value is defined as the likely cost of the planned project if no significant problems occur. 

    Number of Risk Items (NI)

    Enter the number of items at risk. This ranges from 1-1000000.

    Total Value

    Auto-Calculated as: Base Value * Number of Risk Items

    Asset Value

    Fill in asset value. In order to figure out the value of assets, individual business managers must be consulted. Analysts who specialize in business systems.

    Exposure Factor

    Define the exposure factor. The exposure factor is represented in the impact of the risk over the asset, or the percentage of asset lost.

    Single Loss Expectancy (SLE)

    Auto-Calculated as: Asset Value * Exposure Factor

    Annualized Rate of Occurrence (ARO)

    Define the probability that a risk will occur in a particular year.

    Uncertainty

    Define Uncertainty. This refers to situations under which either the outcomes and/or their probabilities of occurrences are unknown to the decision-maker.

    Annualized Loss Expectancy (ALE)

    Auto-Calculated as: SLE * ARO * Uncertainty

    Risk Type

    Select from: Asset Risk, Functional Risk, Security Risk

    Safeguard Costs

    Safeguard cost = ALE (before implementation of safeguard) - ALE (after implementation) - the annual cost of the safeguard.

    This results in the ROI.

    Implement Safeguard Recommendation

    Select from: Red, Amber, Green

    Attachment

    Click to add an attachment. For example, you can associate videos for more information on documents.

  8. Click Save. Once required information based on document type is added it goes into Defined status. 


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Portfolio Management 23.3