Critical Risk Controls
CRITICAL RISK CONTROLS
Critical risk controls can be added as items in a list to be selected rather than free text. This allows for consistency across the business and can be attached to any / multiple risks. When attached to the master risks, it will advise project managers of the specific controls that are required to be in place.
This use of critical risk controls within Lucidity is an optional feature that will suit large to enterprise businesses only. Please discuss with Lucidity to access this feature.
Critical Risk Control Settings
In order to utilise the critical risk controls feature, several specific managed lists need to be configured first. These are found in the Settings tab and are typically only accessible by system administrators. Refer to Risk Settings for general settings information.
Hierarchy of Controls | Apply the highest level of relevant controls from the hierarchy to a critical risk control |
---|---|
Control Categories | Apply categories to controls |
Unwanted Scenarios | Create standard unwanted scenarios to be used in multiple controls |
Control Effectiveness | Apply the effectiveness of the control |
Add a Master Risk Control
Video: Add Master Risk Control
VIDEO COMING SOON
To add a master risk control, from the Master Register > Master Risk Controls menu:
Click 'Add New'
Complete the fields (see table 'Definitions of Fields' below)
The details captured for each record may vary slightly between each system configuration. Fields marked with * are mandatory.
Description of Fields
Field | Description |
---|---|
Control ID | Enter the internal ID reference (used in reporting) Example: HSE.WH.01 |
Hierarchy of control | Select the highest relevant hierarchy of control e.g. Elimination, Substitution, Engineering, Administration or PPE |
Control category | Select the control category (used in report filtering) |
What is the control? | Enter specifics on the control required to be put in place |
What is the unwanted scenario? | Enter the possible unwanted scenario aiming to be prevented |
What is the specific objective of this critical control? | Enter the control objective |
What could cause this control to fail or lessen its effectiveness over time (escalation factors)? | Enter relevant factors |
Performance required | Specify the performance required of this critical control to ensure it meets its objective (e.g. design specification)? |
Control actions | Enter required actions or tasks (Lucidity InForm may be utilised here) |
Supervisors checks | Enter checks required by supervisors (Lucidity InForm may be utilised here) |
Management Checks | Enter checks required by management (Lucidity InForm may be utilised here) |
Legislative reference | Enter any relevant references to national, state or local legislative requirements |
Using Critical Risk Controls in Master Risks
To utilise critical risk controls in a master risk, from the master register page:
Use filters as required to locate the relevant master risk
Note critical risk controls can be added to new risks. Refer to the Master Register page in the user guide for more information.
Click 'Edit' the far right of the relevant master risk
In addition to the standard fields in master risks an additional “Risk Controls” section is available. In this section both critical and standard risks can be added and managed.
To add a risk control, click 'Add'
Select the controls to add from the drop down list
Click 'Done'
Note risk controls can be deleted by clicking 'Delete' to the far right of the control
For critical controls check the 'Critical control' check box
Complete any additional information required in the master risk
Click 'Save.
Using Critical and Standard Risk Controls in Project Risk Registers
Critical and standard risks form part of the project risk registers and are added by:
Ensure the master risk is added to the relevant risk templates - refer the Risk Templates user guide
Add templates to project risk registers - refer to the Risk Register user guide
Project managers can add, edit and delete critical risk controls from individual project risks in the same way any risk field can be edited in the project register. This has no impact on risk templates.
Once created, project managers are responsible for reviewing each individual risk within their project and editing as relevant, including updating the critical risk controls.
To update the critical or standard risk control, from the Risk Register page:
Use filters to locate the relevant project risk register
Click 'Risks' to the far right hand side
Edit each risk and, in addition to the standard requirements outlined in the Risk Register user guide:
Identify the control you want to edit. Controls are denoted as Critical, or Standard by the “Criticality” column of the ‘Risk Controls’ Section.
Click 'Edit' on the risk control to be reviewed
Repeat for each critical and standard risk control
Complete the fields (see table 'Definitions of Fields' below
The details captured for each record may vary slightly between each system configuration. Fields marked with * are mandatory.
Click 'Save'
Add any additional risk controls not already included relevant for the individual project
Delete any risk controls not relevant for the individual project
Definition of Fields
Note some fields may be pre-populated from the master critical risk control
Field | Description |
---|---|
Control name | Select the control from the Master Control Register |
What is the control? | This is a description of what the control is for and is pre-populated from the master control |
Control Description | Enter the control description |
Control Owner | Nominate the control owner (note owner must be listed within the system) |
Local, legal, regulatory and contractual requirements | Enter any requirements |
Control effectiveness | Select the control effectiveness |
Critical Control | Check this box for critical controls |