
Risk Management Dashboard

From HITGuard User Guide
Revision as of 12 June 2023, 13:35 by FuzzyBot (Updating to match new version of source page)

The risk management dashboard gives experts and professionals information about upcoming audits, hazard situations, compliance coverage, and other aspects of the management system. For this purpose, key performance indicators (KPIs) are available for the dashboard. These can be used to customize the dashboard as desired.

Caution: Only hazard situations that have been evaluated for the damage extent classification of the selected management system are displayed.

Risk management Dashboard


Risk management KPIs

The following KPIs are available for the Risk management dashboard. How to customize and create dashboards is described under create and edit Dashboards.

Pending Audits

The pending audits list shows all current audits of the management system as well as audits that are planned in the next 90 days. This means audits in the states Draft, In progress, and In rework.

The display can be restricted to selected organizational units.

Double-clicking on an audit will take you to the corresponding Audit.


Audit status symbols


Audits by Status

This KPI provides information about the status of audits. Only audits of the selected audit program are taken into account. Furthermore, the KPI can be limited to internal, external or all audits of the audit program.

The selection of the audit program and the restriction of the audits are either fixed in the editing mode, or the data selection is enabled in the view mode.

The status delayed means that the audit is still in the status planned, although the start date is already in the past.

Double-clicking on a circle segment opens a selection dialog in which the respective audits are listed. The audits can be opened by double-clicking on them.


Spider charts

If a sub-chapter of a spider diagram is to be analyzed, this can be done by clicking on the point of the respective parent chapter in the spider. This selects the chapter and displays all sub-chapters with their respective coverage: the spider "zooms" a layer deeper. To undo the selection, the back arrow can be clicked: the spider "zooms" back out.

With a right click, a selection dialog can be opened in Compliance fulfillment and Questions coverage (total), which shows the review questions/results. It also shows chapters, reviews, and the answers. Double-clicking a review question/result opens the review at the corresponding location.

How much text is displayed around a spider chart depends on the number of displayed chapters, the available space, and whether the KPI is being edited.

Compliance fulfillment

This KPI provides information on the extent to which the compliance requirements for a standard/norm are met. The green line represents the target score of the current analysis period. This can be used to find out which topics/chapters of a standard or norm should be dealt with in more detail.

The answered questions of a standard chapter are used as the basis for calculation. Neither structural questions nor questions marked as dispensable are taken into account for the calculation. The average score of the answered questions of a standards chapter is displayed.

The selection of the standard/norm is either fixed in the editing mode, or the selection is enabled in the view mode.


Questions coverage (Percentage)

The questions coverage (percentage) shows the ratio of the total number of test questions of a selected knowledge base linked to a standards chapter. Each chapter can reach a maximum of 100%, even if a question is answered more than once. Structural questions are also excluded from the calculation. Thus, the test question coverage of a standard/norm per knowledge base is evaluated here.

The selection of the standard/norm and knowledge base is either fixed in editing mode, or the selection is enabled in view mode.


Questions coverage (Total)

The question coverage (total) is intended to show how many questions AND test results for the standard chapter were answered or marked as dispensable. That is, it shows in total the coverage of the test questions from all test questions of all knowledge bases that map to this standard. Structural questions are excluded from this calculation. If a standard chapter is created several times as a test object and the same test questions are answered several times, the number of answered questions increases accordingly.

This provides information as to whether certain topics have been highlighted to a greater or lesser extent in the audits and whether it may make sense to focus on certain topics in future audits.

The selection of the standard/norm and knowledge base is either fixed in editing mode, or the selection is enabled in view mode.


Hazard situations by state

This KPI shows an overview of the hazard situations by their state and the completeness of the risk assessment.

The outer layer displays all hazard situations by their state. The inner layer displays hazard situations that have not been evaluated or not completely evaluated (missing the probability of occurrence or the extent of damage) in relation to the total of existing hazard situations. The total number of hazard situations that exist as per the set filter is displayed in the middle of the diagram.

It's possible to limit the displayed hazard situations to those of the current management system.

The restriction of hazard situations can be either fixed in editing mode, or the selection is enabled in view mode.

Double-clicking a circle segment opens a dialog in which the respective hazard situations are listed. The hazard situations can also be opened by double-clicking.


Active hazard situations and their measures

This KPI shows a risk treatment overview regarding open and finished measures linked to active hazard situations.

It contains information about whether treatment measures are overdue or there are active hazard situations that have not been linked with a corrective measure yet. Planned, suspended, and canceled measures are disregarded in this KPI. Submitted, accepted, and rejected hazard situations are also disregarded.

It's possible to limit the displayed hazard situations to those of the current management system.

The restriction of hazard situations can be either fixed in editing mode, or the selection is enabled in view mode.

Double-clicking a circle segment opens a dialog in which the respective hazard situations are listed. The hazard situations can also be opened by double-clicking.


Risk matrix

This KPI provides an overview of how dangerous the individual hazard situations of the management system can be. The further to the top right a hazard situation is located, the more dangerous it is. If the mouse pointer is moved over one of the points in the diagram, the hazard situation concerned is shown. By default, no accepted or rejected hazard situations are displayed.

  • With accepted risks: Through this option, hazard situations that have already been accepted and are therefore in the "Accepted" status can also be displayed.
  • Show risks for this management system only: This option ensures that only the hazard situations from the current management system are displayed. Public hazard situations (as in, not marked as "private") from other management systems are no longer displayed as a result.
  • Risk categories: Here, the risk matrix can be restricted so that only hazard situations that are associated with the selected risk categories are displayed. A risk category can be associated with the hazard situation directly in its detail page.
  • OrgUnit: Here, the risk matrix can be restricted so that only hazard situations that are associated with the selected organizational units are displayed. An organizational unit can be associated with the hazard situation via the "structural elements" of the hazard situation.

The time span under the risk matrix can be used to track how hazard situations have developed over a period of time. All you have to do is click on one of the points in the time span. The time span can be adjusted using the arrows on the left and right.


Protection needs analysis by status

This KPI provides information on the status of the protection requirement analyses in the selected analysis periods. It is possible to restrict whether all analyses, only analyses of organizational units or only analyses of processes are to be displayed.

  • Include historical analyses: By default, the most recent versions of multiple protection needs analyses for organizational units and processes are displayed. However, this checkbox can also be used to display older protection needs analyses for the organizational units and processes.

The selection of the constraint and analysis periods can be either fixed in editing mode, or the selection is enabled in view mode.

Double-clicking on a circle segment opens a selection dialog in which the respective protection needs analyses are listed. The protection needs analyses can also be opened by double-clicking.


Vulnerability analysis by status

This KPI provides information about the status of the vulnerability analyses in the selected analysis periods. It is possible to restrict whether all analyses, only review results or only gap analyses are to be displayed.

The selection of the constraint and analysis periods can be either fixed in editing mode, or the selection is enabled in view mode.

Double-clicking on a circle segment opens a selection dialog in which the respective vulnerability analyses are listed. The vulnerability analyses can also be opened by double-clicking.


Top Gaps

This KPI provides the audits with the highest sum of deviations according to the Target score weighting of the selected protection target and audits.

The sum of deviations by target score weighting in the reviews assigned to the audits always refers to the current target score. This means that even if the deviations are limited to a specific analysis period, they are examined with the target score of the current analysis period.

It is also possible to configure which reviews are displayed:

  • Underfulfillments: Only reviews that have a sum greater than 0. The larger the sum, the worse.
  • Overfulfillments: Only reviews that have a negative sum. The smaller the sum, the better.
  • All: All reviews, regardless of whether the sum of the deviations is positive or negative.

The sorting influences whether you are presented with the worst results (highest positive sum of deviations) or the best deviations (lowest positive sum of deviations, but no overfulfillments).

  • Closed assessments only: With this option, only completed reviews are taken into account.
  • Include historical gaps: By default, the most recent versions of repeatedly run reviews are included. However, by using this checkbox, older versions of reviews can also be taken into account.

If no analysis period is selected, all deviations from all analysis periods are displayed. It is also possible to restrict the organizational units from which the checks must originate.

The selection of the protection target, audits and analysis periods can be either fixed in the editing mode, or the selection is enabled in the view mode.

Double-clicking on a deviation opens the corresponding analysis with the deviation.


Top Audits

This KPI provides the worst or best audits for the selected protection target.

The sum of deviations according to Target score weighting in the reviews assigned to the audit always refers to the current target score. This means that even if the deviations are limited to a specific analysis period, they are examined with the target score of the current analysis period.

It is also possible to configure which audits are displayed:

  • Underfulfillments: Only audits that have a sum greater than 0. The larger the sum, the worse.
  • Overfulfillments: Only audits that have a negative sum. The smaller the sum, the better.
  • All: All audits, regardless of whether the sum of the deviations is positive or negative.

The sorting influences whether you are presented with the audits with the worst results (highest positive sum of deviations) or the best audits with the lowest negative deviations (lowest sum of deviations, but without overfulfillment).

  • Closed assessments only: With this option, only completed reviews of the audits are taken into account.

If no analysis period is selected, all audits from all analysis periods are displayed. The organizational units from which the audits come can be restricted as well.

The selection of the protection target and the analysis periods can be either fixed in the editing mode, or the selection is enabled in the view mode.

Double-clicking on an audit will take you to the corresponding Audit.


Top hazard situations

This KPI is a listing of the top hazard situations of the management system. The displayed hazard situations are thus ranked according to their risk score. The higher up, the greater the risk.

Alternatively, it is also possible to switch to entities. This will display those entities that are most at risk.

The triangles provide information about how dangerous a hazard situation is and how at risk an entity is. If you move the mouse pointer over them, the respective risk indicator is displayed.

Double-clicking on a hazard situation/entity will take you to the corresponding Hazard Situation / entity.


Top review objects

This KPI provides the review objects with the highest sum of gaps according to the Target score weighting of the selected protection target and audits.

The sum of deviations according to target score weighting of the review objects assigned to the audits always refers to the current target score. This means that even if the deviations are limited to a specific analysis period, they are examined with the target score of the current analysis period.

It is also possible to configure which review objects are displayed:

  • Underfulfillments: Only review objects that have a sum greater than 0. The larger the sum, the worse.
  • Overfulfillments: Only review objects that have a negative sum. The smaller the sum, the better.
  • All: All review objects, regardless of whether the sum of the gaps is positive or negative.

The sorting influences whether you are presented with the worst results (highest positive sum of deviations) or the best deviations (lowest positive sum of deviations, but no overfulfillments).

  • Closed assessments only: With this option, only review objects from completed reviews are taken into account.
  • Include historical review objects: By default, the most recent versions of multiple-valued review objects are included. However, this checkbox can also be used to include older versions of the review objects.

If no analysis period is selected, all review objects from all analysis periods are displayed. It is also possible to restrict the organizational units from which the reviews of the review objects are taken.

The selection of the protection target, audits and analysis periods can be either fixed in the editing mode, or the selection is enabled in the view mode.

Double-click on an applied topic to open the corresponding analysis with the applied topic.