Risk management settings

In "Risk management → Settings", experts can configure the risk management and add further configurations in addition to the risk policy, to adapt the risk management to the requirements of the management system.

• Used categories of risks and opportunities:

Define which categories of risks and opportunities are to be used in this management system.

• Extent of damage classification:

Here, define the classification used in this management system to assess potential damage. If you do not make a selection, the default extent of damage classification will be used.

A use case for your own extent of damage classification would be, for example, to assess potential damage in the data protection management system from the perspective of the affected party. As a result, the Risk Management dashboard, hazard situations, and structural analysis will by default only display hazard situations and SBA weightings for the associated extent of damage classification.

Caution: Changing the extent of damage classification potentially affects the meaningfulness of previously evaluated risks as well as protection needs analyses made in the management system.

• Show gaps tab

Define whether the list of assigned gaps should be included in the view of risks and opportunities.

• Show threats tab

Define whether the list of assigned threats should be included in the view of risks and opportunities.

Define here whether the ESG management is to be included in the risk management.

The authorizations of the experts and professionals for the ESG are distributed under Administration → User roles.

• Show structural analysis
• Show protection needs
• Show vulnerabilities
• Show threats

Define here which menu items are to be included in the risk management and hide those you do not need in your management system. Depending on which menu items you have in use, the corresponding report pages are also shown or hidden, respectively.