Overview
Regular control reviews are a critical component of effective risk management. In StartRisk, users are required to set control review intervals (monthly, quarterly, or annually) to ensure that all control information remains current and relevant. When selecting frequency, consider the following indicators for more frequent reviews:
the control is relevant for many risks
the control is performed more frequently
the control requires more human intervention (i.e. is manual in nature and not automated)
there is a history of issues or control failures
Control Editor View:
When reviewing a control, check the control title, control description, and risks the control is allocated against (review the impact on the control against the linked risks. Assign a status of No Impact against risks you do not believe the control mitigates).
Keeping this information up-to-date helps in making informed decisions and maintaining an accurate picture of the business risk environment.
Getting Started with StartRisk - Reviewing Your Risk Profile
Key Concepts
Control Effectiveness Rating is a measure indicating how well a control manages or reduces a risk.
βControl Impact indicates if a control reduces the probability of a risk event, the impact of a risk event or both.