Program Risk Review Workbook
Similar to the Key Risk and Mitigation workbook above, this workbook will help you consider the strategic, financial, operational, compliance, reporting, and reputational risks associated with an existing initiative or project. Unlike the New Initiative Risk Review Workbook, this workbook is focused on existing initiatives or projects, rather than new ones, and will also take into consideration the effectiveness of existing controls and help the user estimate their residual risk. This workbook will not make decisions for you, but it will help you organize your thinking as you consider your initiative or project's enterprise risk management implications.
This workbook enables you to assess the following for each set of objectives:
- Risks associated with each set of objectives
- Controls used to monitor risks such as reports and dashboards
- Frequency of the monitoring of controls
- Strategies for mitigating or otherwise addressing those risks
- Individual/department(s) responsible for executing the strategies identified
Download Program Risk Review Workbook:
Please note: Upon opening this file a Security Warning will be presented. In order for the workbook to function properly.
Steps to complete the Program Risk Review Workbook:
- Download and save the file to your computer.
- Upon launching the file you will see an area to be populated towards the top right corner titled "User Information". *
- Select the blue "Get Started!" button on the lower left side of the screen.
- The first screen is a place for the user to document their assumptions used for the scales to be applied in future workbook screens. Please note that changing the scale titles on this screen will not be reflected in the rest of the workbook. The user can return to this page at any time to adjust these assumptions. Once this step has been completed, the user can begin evaluating the program's risks and related controls by selecting one of the buttons at the bottom left of the screen illustrated below.
- Populate each of the identified subject areas in the table to the right by completing each field with the desired information, being sure to utilize the drop down fields for the "Likelihood, Severity, Frequency, and Effectiveness" columns.
- Repeat process for each Objective Area, however be aware that not all initiatives or projects will have objectives and related risks in all six areas (strategic, financial, operational, etc.)
Available Reports for the Program Risk Review Workbook:
Once the workbook has been completed, be sure to save your work prior to running any reports.
- First, the user should return to the introduction by clicking the button provided on each of the data entry worksheets. At the bottom of the introduction page, you will see two separate report buttons as illustrated below.
Clicking the "Export for ERMIS" button will generate an ERMIS compatible .csv format that can be for ERMIS upload and future reference. Clicking the "Printer-friendly Summary" will generate a report that summarizes the contents of the entire workbook in a clear and presentable format, and automatically calculates the estimated residual risk based on the information provided in the workbook.
* Please note: The "User Information" field entries found on the Introduction page of each workbook should represent a unique combination of values. Exports which containing the identiacal combination of "Location Name," "Department," "User" and "Date" fields will result in replacement of existing data.