Menu

KCM GRC Risk Management: Risk Templates

Avatar
Lauren Ashley
Updated
Follow

What Is the Risk Templates Area of My Console?

Risk Management is a module within the KnowBe4 KCM Governance, Risk and Compliance (GRC) platform that is available to Gold and Platinum subscriptions. This feature is designed to simplify the processes of identifying, assessing, monitoring, and mitigating the various risks faced by your organization. See our Risk Management Overview article for an introduction to risk management with KCM GRC. 

The Risk Templates area of your console holds the pre-populated Risks that are offered from our Master Risk Repository as part of our Risk Wizard. See here for more information on the Master Risk Repository. Aside from the pre-populated Risks, the Risk Templates area will contain every Risk you've imported or manually created in your KCM GRC platform.

Adding Risks from the Risk Templates

You have two options for adding Risks from the Master Risk Repository to your account's Risk Register:

  • If you're just getting started with risk management in KCM GRC, we suggest using the Risk Wizard. See our Risk Management: Risk Wizard article for more information.
  • You can browse or search the Master Risk Repository in the Risk Templates section of your console and add Risks individually.

See the steps below for instructions on adding Risks from the Risk Templates section of your console.

  1. After logging in, navigate to the Risk Templates by clicking Templates, then Risk Templates from the navigation panel on the left side of your console. 

Templates > Risk Templates

  1. Browse through all Risk templates or use the Search Risk Templates... search field to find Risk names using keywords. 
  2. Use the + button in the far-right column to add the Risk to your Risk Register. 
  3. Specify the details from the "Quick Add" page, as explained below. 

    Quick Add Risk Screen

    • Risk Name: Give your Risk a descriptive title that represents the scope of what the Risk poses to your organization.
    • Risk Status: Selecting a status for your risk is recommended. Risk Status offers insight into the state of the Risk and what efforts (if any) can be made toward managing the Risk–whether that be mitigation efforts, acceptance, or transference of the Risk. See the Create Individual Risks section of our KCM GRC: Risk Register article for more information.
    • Tags: Your KCM GRC Risk Management platform offers custom tagging features. You can create custom tags and assign them to the applicable risks. 
      You may want to create tags for your sister companies, subsidiaries, different locations, or for your individual departments to keep your management processes better organized. 
      See this section of our Managing Account Settings article to learn more about creating Risk tags.
    • Likelihood: Determine the likelihood of the Risk occurring. This variable will impact your Inherent Risk Score. See here for more information on Likelihood and risk management with KCM GRC.
    • Impact: Determine the measure of impact that the Risk would cause to your organization. This variable will impact your Inherent Risk Score. See here for more information on Impact and risk management with KCM GRC.
    • Inherent Risk Score: This number will automatically recalculate as you change the Risk Likelihood and Impact. See our Risk Management Overview article for more information. 
    • Add Another (checkbox): If you're satisfied with including only the "quick add" Risk details, you can click this checkbox before clicking the Create button to instantly "quick add" another Risk. Deselect this checkbox if you want to add more details to your Risk. 
    • Create: Click this button to create the Risk and add it to your Risk Register with only the "quick add" details.
    • Details: Click this button to add additional details to your Risk, as explained below.

      Risk Details Page

      • Description: Describe the threat that the Risk poses to your organization, including the physical location(s), systems, employees, third parties, processes, etc., that would be involved if the event were to occur. 
      • Consequences: Describe the potential outcomes of the Risk occurring, including the physical location(s), systems, employees, third parties, processes, etc., that would be impacted.
      • Category: Select the category in which you want the Risk to reside in your Risk Register. Choose between Business & Strategic, Environmental & Natural, Financial, Operational & Infrastructure, Compliance, or Custom.
      • Subcategory: The set of subcategories will differ depending on which Category you have selected. Click here for a list of the subcategories available under each Category.
      • Save: Click the Save button to save the Risk details and add it to your Risk Register. 

Back to Top

Importing Templates

You can import Risks into the Risk Templates section of your console using the Import Templates button. Please note these Risks will be added as Risk Templates; therefore they will not be automatically added to your Risk Register. See our Risk Register article for instructions on importing Risks directly to the Risk Register.

Back to Top

Additional Resources

Back to Top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles