EPC calculates Residual Risk scores automatically to help track and mitigate organizational risks. Manual overrides give users the flexibility to adjust these scores when additional insight or judgment is needed, ensuring assessments remain accurate and actionable.
This guide walks you through:
- When to use manual overrides
- How to override scores
- Understanding key risk terms
When Should You Use Manual Residual Risk Overrides?
Manual overrides allow organizations to adjust Residual Risk scores when the system’s automatic calculation doesn’t reflect real-world conditions.
Common scenarios:
- Complex or unique risks not captured by standard calculations
- Emerging threats or recent changes affecting impact or likelihood
- Expert judgment needed for high-stakes risks
- Audit or compliance adjustments
Overriding Residual Risk Scores
By default, EPC calculates residual scores automatically. If you want to assign your own values, follow these steps:
- Navigate to the Details page of the desired Risk.
- Select the ‘Edit’ button to open its edit form.
- Expand the What is the Risk Analysis section.
- Select the Override automatic control roll-up checkbox.
- Enter custom values for:
- Residual Impact
- Residual Likelihood
- Residual Detectability
- Review the updated scores.
- Click Save to confirm your changes.
Understanding Key Risk Terms
| Term | What It Means |
|---|---|
| Gross Risk | The risk level if no controls or actions exist. |
| Residual Risk | The risk that remains after applying controls or corrective actions. |
| Impact | How severe the consequences are (e.g., cost, safety, operations). |
| Likelihood | How probable it is that the risk will occur. |
| Detectability | How likely the organization is to detect the risk before it causes harm. |
Need more help with this?
Visit the Support Portal