Assessing a risk on a risk card

From the Task Manager app, you can set risk rating factors and edit the weight of controls on all the risks assigned to you. There are two types of risks:

  • Risks from Projects These are general risks assessed by a single individual, typically a domain expert. The risk score represents the overall risk as a single entity.

  • Risk assessments These are more comprehensive and involve input from multiple individuals or departments. The risk owner solicits feedback from various stakeholders on specific aspects of the risk, such as its likelihood and potential impact. After all the feedback is collected, the risk owner compiles the data to determine the final risk score.
    Risk assessments provide a more focused approach, allowing the risk owner to make a more informed decision about the overall risk.

Risk card widgets

The widgets displayed on the risk card provide the following information:

Task Manager

Widget

 Description

No Control associated

No controls are associated with the risk.

Completed The Task Manager is complete, and both the inherent and residual risk scores have been calculated.

AI Risk Essentials risk workshop cards

Task Manager now supports risks created through the AI Risk Essentials Risk Workshop. Risk cards automatically display workshop details such as the risk description, message from the risk owner, due date, and any supporting documents or attachments. Impact and Likelihood can be added directly in Task Manager, and the risk score is automatically updated based on current workshop results. Each card also shows the current and recent score context along with scoring rationale to support informed decision‑making.

Assess risks

To view and complete all your assigned risks, follow these steps:

  1. From the Platform home page (www.diligentoneplatform.com), select the Task Manager.

    If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Task Manager app.

    Note

    • You will receive an email notification with a link to the app to begin the scoring process. This may include a single task or multiple tasks in bulk, each with different headlines for the same risk.

    • For bulk notifications, all links are provided in one email.

    • Bulk emails are applicable only for Risk Assessments.

  2. From the Activities dashboard, select a risk card.

    The Risks view displays tasks, associated controls, risk ratings, descriptions, and other related activities. The cards are labeled as either Projects or Risk Manager, depending on their integration source.

  3. In the Tasks tab, select the risk scoring factors from the Impact and Likelihood dropdown menus.

  4. Complete the following steps based on the risks assigned to you:

  5. If Risks assigned to you are within Projects:
    1. Select Submit and complete to save your changes after updating the risks details and metrics.
    2. Select Complete in the confirmation pop-up to finalize the risk updates.
      The risk card displays the calculated scores, Inherent Risk Score and Residual Risk Score, as a toast message based on the information you entered. You can review the scores from the Completed view.
    3. Issues tab View existing issues or create new ones by selecting Add Issue. Enter the required details such as title, description, and issue type. Then select Save or Save and Add Another.

      4. Note

      • You can view the list of issues linked to the activity. To take action, select the external link icon to go directly to the specific request within the Projects app.

      • Only assigned owners have permission to view or modify issues and requests.

    4. Associated controls tab View or modify existing control associations. To update, select Edit Associations, adjust control weights as needed, and then select Save.

    5. View completed risk cards in the Completed dashboard.

    6. (Optional) Modify the Impact and Likelihood and then select Update to save your changes.

    7. (Optional) If you still wish to switch platforms to make changes, select Open in Projects.
      This opens the Projects app in a new tab.

  6. If Risk assessments assigned to you are within Risk Manager:
    1. After updating the risk details and metrics, select Save changes.
    2. Select Submit and complete to complete the assessment.

    3. Select Complete in the confirmation pop-up, to finalize the risk updates.
      This step initiates a workflow transition and validates all configured conditions. If the conditions are valid, the worflow transitions to the next status and is set to Completed.

      Note

      • After you select Submit and complete and Complete from the pop-up window, your changes will be submitted.

      • After the fields are validated, if any issues are detected, review the information you entered, make any necessary corrections, and resubmit your changes.

    4. Files tab If the Files tab is enabled, you can view all uploaded files and choose to download or delete them.
      The tab is available only when custom fields are configured. These fields can have any name, such as Risk Attachments or Risk Factors.
    5. Associated controls tab View existing control associations. These are part of the parent risk and can be updated directly in the Risk Manager.

    6. View completed risk cards in the Completed dashboard.

    7. (Optional) Modify the Impact, Likelihood, and other custom attributes. Select Update to save your changes.

    8. (Optional) If you still wish to switch platforms to make changes, select Open in Risk Manager.

      This opens the Risk Manager app in a new tab.

Getting information about assessing a risk

You assess risks to determine their potential threat level to the organization by evaluating the impact and likelihood of the risk, and then calculating the risk score. You can calculate the inherent risk score in both risk and risk event task records.

Risk Scoring Factor Description

Likelihood

Low, Medium, High

Impact

Low, Medium, High

How are risk values handled between Task Manager and AI Risk Essential section

Task Manager section

  • You can select values for Impact and Likelihood to update both the inherent and residual risk scores.

  • The inherent and residual risk scores represent the overall risk and can be updated when the card is still in progress or even after it’s completed.

  • Impact and Likelihood values can be adjusted or removed at any time.

  • The dropdown menu for selecting impact and likelihood offers options for low, medium, and high.

AI Risk Essential section

  • The inherent and residual risk scores are not shown because they relate to the parent risk. Instead, it helps Risk Owner to make decisions by focusing on specific details.

  • The rating options can extend beyond low, medium, and high, allowing for customization and color coding to represent different risk levels. This includes default colors for improved visibility and clearer differentiation of risk levels.

  • Info icons appear next to Likelihood and Impact. Hover over them to view definitions added by the Risk Owner or Admin during Risk Manager setup. If no definitions are set, the icons do not appear.

  • After a risk assessment card is finalized, you cannot deselect values. To make changes, you must go to the completed list and update them, but deselecting is not allowed.