Action Plans are follow-up activities that a User wishes to track to completion. Essential ERM provides functionality to create and track Action Plans, including intuitive workflow features that allow Users to assign Action Plans and send automated reminders to system Users and Contributors. Contributors may be individuals inside or outside the organization.

Action Plans can be tracked independently, or can be linked to multiple Risks and Mitigations. New Action Plans can be created from the Action Plan Explorer and from the Action Plans sections in the Risk Details and Mitigation Details screens.

Also note that within the complementary Essential Strategy system, multiple Action Plans can be grouped and managed together within a single Strategic Initiative / Project.

The clicking on an Action Plan name in the system opens the Action Plan Details screen.

The core features of the Action Plan Details screen function similarly to details screens, including editing the name and description, deleting the record, Change Log tracking, attaching linked documents and resources, attaching Indicators, adding notes, and more.

Within the Action Details screen, Standard and Admin Users can attach and remove Risks and Mitigations from an Action Plan. Users can also edit the Status, Due Date, and assigned individual for the Action Plan. Please note that within Essential ERM, Action Plans can only be assigned to a single User or Contributor at one time.

If the Action Plan Workflow feature is enabled for your organization, the Request Updates section can be used to configure and send automated update requests via email to all User types (Admin, Standard, and Read Only) and Contributors.

A Standard or Admin User can select one of two options:

Once a User makes any changes in the Request Updates section, a green Save button will appear. The User must click this button to save their changes.

The blue Request Update Now can be clicked at any time to immediately send an email update request to the assigned individual. This request will not affect any pending automated requests that have already been configured and saved in this section.

When a User has configured and saved automated update requests, the system will track and automatically send emails to the assigned individual, based on the configured rules. Please note that the time of day of automated requests will be based on the time that they were configured. For example if a User configures and saves an automated update request at 9am, it will be sent to the assigned individual at 9am on the specified day(s) in the future.

At the scheduled date and time, the assigned individual will receive the following email reminding them of the Action Plan that is assigned to them and requesting an update.

The recipient can click on the link in the email to open the Action Plan update window shown on the following page. The link is valid for 72 hours and can be used repeatedly during that time period, allowing the individual to change their response and/or provide multiple updates.

The Action Plan Update Screen will scale all screen sizes, including mobile phones. Input windows are intuitive such that they can be reviewed and completed without prior training.

Note that the information displayed on the screen is limited, as recipients of emails do not need to authenticate into the system to click on the link and view the update screen. This flexibility allows system Users to involve many people in ERM processes without having to manage credentials for them or provide them training in advance.

This capability also allows Users to involve individuals outside of the organization, such as key suppliers, in the management and updating of Action Plans. Users should contact their administrator and/or information security manager to confirm the organization’s policy on involving external personnel in ERM processes.

Once a User or Contributor opens the Action Plan Update Screen, the Action Plan name, owner, and attached Risks and Mitigations will be displayed in a read only format.

The current Action Plan Due Date, Status, and Description will also be displayed and can be edited by the recipient. Any changes made to this update screen will be captured and displayed in the change log on the Action Plan Details screen in Essential ERM.

The recipient may also click in the Notes section to enter and attach a note to the Action Plan Details screen. If the Action Plan Update Screen is closed and reopened, additional Notes entered will be saved as separate notes on the Action Plan Details screen.

When the Actions option is selected in the top menu bar, the explorer screen below opens by default. This explorer displays all open Action Plans, in a scrolling monthly timeline view. This can be changed to a quarterly view by clicking the menu that displays “Monthly” and selecting “3 Months” (pictured below). Action plans can be opened and edited by clicking on the blue Action Plan name in each rectangle.

Open Action Plans include all Action Plans with status values of Planned, In-Progress, On Hold, and Delayed. Action Plans with the status Complete or Canceled will not be displayed in the default view, but can be displayed if the dropdown showing “Active” is changed to “All Actions”.

Each Action Plan displayed in this explorer includes a coloured circular status light. The colors of this status light are set as follows:

Note that Action Plans changed to Complete or Canceled will be removed from the standard “Active” view and will only be displayed in this screen when the view selector is changed to “All Actions”, as pictured below. In this view, Action Plans marked Complete will be colored light green.

Standard and Admin Users can change the due date of Action Plans by clicking and dragging the Action Plan to a new column and then using the pop up date selector.

Once a User begins moving an Action Plan in this way, a slide up menu will appear at the bottom of the explorer window. The User can drag and drop the Action Plan onto the Cancel Action or Complete buttons to change the Action Plan status accordingly. This is intended for quick changes. Additional status options are available by opening and editing the Action Plan Details screen.

Users can click the highlighted button in the top left corner of the Actions Explorer to change from the default timeline view to the grid view pictured below.

This view displays additional information and filters, including a Portfolio filter, if the Risk Portfolios feature is enabled by your administrator. Filters can be used to filter to screen view for Action Plans that meet the specified conditions.

Users can click on Action Plan names to open the associated Action Plan Details screen. Users can also click on the blue names of the Attached Risks and Attached Indicators to open those records as well.

Note that the Attached Risks displayed will be based on the User’s portfolio access options, if the Risk Portfolios feature is enabled. If a User does not have access to an attached Risk, the text “Restricted Risk” will be displayed in black font in place of the Risk name and the blue hyperlink will be removed from the name, such that Users will not be able to open and view these Risks.