The Assessment Details page shows the risk assessment results on interdependent tabs that provides in-depth information for your analysis. Only a program owner or an assessment owner can access the Assessment Details page. You can click a tab on the Assessment Details page and understand how different stakeholders have responded in identifying or mitigating the risks. By default, the following tabs are visible on the Assessment Details page.
Risk Management - This tab provides risks that are identified using the Risk Identification questionnaire and Identify New Risks wizard. The Risk Management view is identical to Risk Register on the Home menu. You can view responses, controls, and other ratings that can be customized from the Customize menu which are provided by stakeholders. For more information, see Navigating in Risk Management View, Adding Risks to Assessments, and Understanding Risk Actions.
Risk Inheritance - This tab displays inherent risk and residual risk scores if the entity assessment has a relationship with other entities that propagate risks. You can view scores for risks that are inherited from related entities and assessment risk with/without propagation. For example, consider the following assessment data where an entity assessment E2 has a child relationship with an entity assessment E1, and after you run both the assessments, the inherent risk score for E1 and E2 are 40 and 30.
| Assessment | Relationship Type | Inherent Risk Score |
|---|---|---|
| E1 | Parent | 40 |
| E2 | Child | 30 |
Because entity E2 is child of entity E1, the scores are propagated to entity assessment E2, and the inheritance summary will now display the following scores:
Risk inherited from related entities : 40
Assessment risk without propagation : 30
Assessment risk with propagation : 70
The Assessment risk with propagation score is calculated as follows : Risk inherited from related entities + Assessment risk without propagation.
Questionnaires - This tab provides questionnaires' details, such as progress, workflow status, average choice score, and the owner of workflow stage.
Control Results - This tab provides details about the stakeholders' answer choices for controls and subcontrols that are in place for risks. Using the control results, the compliance and risk scores are calculated. Risks that are associated with weak or unfit controls, or when no controls are in place, stakeholders will respond to such controls using one or more response control mechanisms that are stipulated by the program owner. In the Response column, you can view a stakeholders' response for those controls which do not meet your objective.
Responses - This tab provides details about responses that are created by stakeholders for remediating or compensating a control.
Workflow - This tab provides current and historical details of a workflow. You can view the workflow current stage details, such as stage name, owner, and time since the workflow entered into current stage. The Status History section shows complete stage transition information for transitions that have already occurred.
Charts - This tab contains charts and information that displays the number of risks graphically by category, such as inherent and residual risk scores together with their likelihoods and impacts.
On the heat map, click a risk to open its details.
Logs - This tab provides information about evidence and workflow.
Archives - This tab provides a list of all archived assessments.
