Create a set of baseline risks for all assessments
Currently, the beta version of this functionality in production only allows for copying the template to one risk assessment at a time.
The functionality does not copy risk treatments to prevent the treatment overview being clogged with multiple copies of the same object.
This feature allows you to add "standard risks" to risk assessment objects in the database. As a risk manager, you may have a set of baseline risks that you need to assess for each object. With the new functionality, you can select multiple objects and quickly copy the baseline risks to them from a template.
As an example use case, an admin with multiple ICT systems can delegate the assessment of a standard set of baseline risks to system owners by using the copied template. To use this feature, simply mark an existing risk assessment as a template, and then select the objects you want to copy the risks to using multiselect.
Gaute explains the new Diri feature that lets you add standard risks to objects in the database that require risk assessment. The demo shows the beta version of the functionality and we will add bulk copying and a solution for the treatments in the next version.
What does this functionality do?
The "Add risks from template" functionality copies risks (causes, events, and consequences) from an existing risk assessment to another risk assessment in your portofolio. The functionality lets you populate empty risk assessments quickly and efficiently.
Marking a risk assessment as a template
For the risk assessment you want to use as a template:
Open the risk assessment dashboard.
Open the "Ownership" option in the top right menu.
Check the "Mark a template" button as illustrated below
The "Mark as template" button is available in the "Ownership" menu in the risk assessment dashboard
Using a template to copy
Once you have marked a risk assessment as a template you can copy risks from it to exsisting objects in the risk assessment overview. The way to do that is to:
Go to the Risk assessment overview
Mark the risk assessment you wish to copy your risks to. This action will light up the "Add risks from template" button.
Click the "Add risks from template" button. This will open a menu of existing templates to choose from (illustrated below).
Click the template you wish to copy from.
The menu for selecting a risk assessment to copy risks from
Copying whole risk assessments The copy button is available on all risk assessment objects Are you delighted with one or more of your assessments? Or is the same IT system in use multiple places? Existing risk assessments can be copied and re-used in ...
Diri AS have made risk assessment templates for copying to ease your way into cyber risk management. The templates are available through the "Published Assessments"-feature on the risk assessment overview. The library will contain templates for ...
What is the Overall Risk Assessment? The Overall risk assessment (ORA) provides the easiest way to get started with risk assessments in Diri. The Diri ORA asks you to briefly describe the parts of your organization that impact cybersecurity, such as ...
What is the Problem Risk Assessment? Put plainly, the Problem Risk Assessment (PRA) is a simplified risk assessment with lower documentation requirements when compared to IT system assessments. The PRA is an option for risk assessing problems that ...
What is an ICT system? ICT (information, communication, and technology) systems are the most basic type of risk assessments in Diri: An ICT system is a set-up consisting of hardware, software, data and the people who use them. It commonly includes ...