How to manage risks
Step 1. Identify risks
Risk management is a guided and knowledge based feature of Saidot. Our risk management methodology is is based on standards and industry best practices. Start the risk management process by opening the Risks tab.
Risks can be added to systems in two ways:
Adding recommended risks from Saidot’s risk library
Recording custom risks
When using the risks in the library, the risk descriptions and mitigation suggestions are populated automatically. When recording a custom risk, the information needs to be added manually. The risk recommendations are based on the contextual information added when registering the system.
Step 2. Document risks
Risk documentation includes the risk owner, risk source, risk type and risk description. When using a risk from the Saidot risk library, the risk description is populated automatically but they can be edited if needed. Contextual risk consequences can be described separately.
Step 3. Evaluate risks
Analyse the inherent risk level, indicating the risk level before treatments. Analyse also marginal risk level describing the change in risk that occurs as a result of the introduction of AI technology.
.png?inst-v=4c0720cd-02cd-445a-9fa8-c6cc53ea2d73)
Step 4. Risk treatment
Select a risk treatment strategy according to the inherent risk level and our recommendations.
If you are using a Risk from the Saidot risk library, you can import mitigations suitable for risk treatments. You may also add your own custom mitigations.
Step 5. Assess residual risk
After selecting and implementing the treatments, select the treatment status and assess the residual risk. Residual risk describes the risk level after the treatments have been implemented.
