Automatic calculation of residual risk

Residual risk is the risk that is LEFT after the administration takes control measures to change the probability or the impact of risks. In this version, it is possible to configure the system to automatically calculate the value of the Residual Risk based on the value of the effectiveness of the controls associated with the risk. To use this functionality, the evaluation method type of the risk must be Matrix or Quantitative. Only in those configurations it is possible to set the automatic calculation of the residual risk.

There are two options to automatically calculate the residual risk. The first calculation option uses the result of the Control evaluations as the effectiveness % (Percentage) of the controls to reduce the risk evaluation. The second uses the result of the control evaluations as subtraction of the risk evaluation.