|
To edit the data of a risk plan, select it in the main record screen and click on the  button.
▪If the record to be edited is under the "Current" status and the revision template configured in its type is "simplified", when opening the data screen for this record, it will be necessary to click on the "Add new revision" option to allow editing it. See further details in the Enabling and releasing changes in the plan section. ▪If the ISO9000 based revision template is configured in the type, it will be necessary to click on the "Add new revision" option. See further details in the Enabling and releasing changes in the plan section. ▪If it has been configured in the type that the plan will be revised, and the revision process is by Workflow, the system will question if you wish to instantiate the process. Click on OK. At this point, the workflow ID # will be informed and the activities will be sent to the appropriate executors. The system will also open the data screen for the creation of the plan revision, so that the necessary data is informed. Refer to the Revision section for further details on the configuration and revision creation by workflow. |
Field
|
ID #
|
Enter a number or code to identify the plan. If you prefer, use the arrow next to this field to generate an automatic ID #. If in the type was configured the use of identification mask, at the moment of generating the automatic ID #, the respective mask will be shown. The ID # generated through the mask can only be edited if the "Enable ID # change" option is checked on the data screen of the type that sorts the template.
|
Name
|
Enter a name for the template.
|
Plan type
|
This field is filled out by the system with the plan type selected previously; however, it is possible to edit it. In that case, select the type that will classify the plan template. Use the other buttons to add a new type to sort the plan and clear the field.
|
Scope
|
Enter the scope that will be covered by the template. For that, select one of the following options:
▪SE Risk: It allows assembling the structure of the template with elements, risks, and controls. The following fields will be available: oBusiness unit: Select the business unit (SE Administration) to which the template being created belongs. oDepartment: Select the department (SE Administration) to which the template being created belongs. Note that if you have selected a business unit in the previous field, only the departments belonging to the business unit in question will be available for selection. Associate as many departments as needed. As departments are associated, they will be displayed in the department just below the field. To discard a department, position the mouse over it and click on the Close option. To discard all departments, click on the  button, located next to the field. ▪SE Performance: Allows you to assemble the template structure with a scorecard. In the respective field that will be enabled, select the desired Scorecard. In order for this feature to function properly, it is necessary for the SE Performance component to be part of the solutions acquired by your organization. Refer to the specific documentation of this component for more information about scorecards. ▪SE Process: It allows assembling the structure of the template with a process. In the respective field that will be enabled, select the desired Process. In order for this feature to function properly, it is necessary for the SE Process component to be part of the solutions acquired by your organization. Refer to the specific documentation of this component for more information about processes and their modeling. ▪SE Project: It allows assembling the structure of the template with a project or program. To do this, first, select if the scope will be a project or program in the Object field and then in the field that will be enabled, select the desired Project/Program. In order for this feature to function properly, it is necessary for the SE Project component to be part of the solutions acquired by your organization. Refer to the specific documentation of this component for more information about projects and programs. ▪SE Asset: It allows assembling the structure of the template with an asset besides elements, risks, and controls. In order for this feature to function properly, it is necessary for the SE Asset component to be part of the solutions acquired by your organization. Refer to the specific documentation of this component for more information about assets. |
Responsible
|
Select the user responsible for the template. Use the other buttons next to the field to add a new user and define it as responsible, fill in the field with the data of the logged user and clear it.
|
Responsible team
|
Select the team responsible for the template. Use the other buttons next to the field to add a new team and set it as the responsible team and clear the field.
|
View profile
|
This field is filled out by the system with the default view profile; however, it is possible to edit it. In that case, select the view profile that will be applied to the plan template. Use the other buttons next to the field to add a new profile and associate it with the plan, edit the data of the selected profile, and clear the field.
|
Description
|
Enter important information about the template being created.
|
|
In this section, the configurations for the risk and control analyses and the revalidation of the plans are established. To do that, the following options are available:
Field
|
Add treated / potential / target evaluation
|
Check this option for it to be possible to perform the potential/treated/target evaluation of the risk during the risk evaluation. This evaluation is one that takes into account only the risks of the risk plan. The name of the evaluation will vary according to the parameterizations made on the Configuration tab of the default view profile.
|
Add residual / net / controlled / current evaluation
|
Select this option for it to be possible to perform the residual/net/controlled/current evaluation of the risk during the risk evaluation. This evaluation is one that takes into account the controls and treatments of the risk plans. The name of the evaluation will vary according to the parameterizations made on the Configuration tab of the default view profile. This option will not be displayed if the previously selected evaluation method is of the "Matrix (self-assessment)" type.
|
Residual / net / controlled / current risk calculation
|
This field will only be enabled if the Add residual/net/controlled/current evaluation option was checked in the type that classifies the plan. Select one of the following options to set how the residual/net/controlled/current risk of plans of this type will be calculated:
|
Set responsible for all risk analyses of the plan
|
Check this option to set a single party responsible for all risk analyses of the plan. The following fields will be enabled:
▪Responsible: Select the user responsible for the risk analyses. Use the other buttons next to the field to add a new user and define it as responsible, fill in the field with the data of the logged user and clear it. ▪Responsible team: Select the team responsible for the risk analyses. Use the other buttons next to the field to add a new team and set it as the responsible team and clear the field. |
Set responsible for all control analyses of the plan
|
Check this option to set a party responsible for all control analyses of plans based on this plan. To do that, in the fields that will be enabled define the responsible user and/or the responsible team for the control analyses. A detailed description of the fields has been made previously.
|
Use identification mask for risk analysis
|
Check this option so that the ID #s of the risk analyses of the plans based on the plan are obtained through an identification mask. To do that, the following fields are available:
▪Identification mask: Select the desired identification mask. Note that only identification masks whose object is "Risk analysis" will be available for selection. ▪Enable ID # change: Check this option to allow the generated ID # to be edited manually when creating a risk analysis. If this option is not checked, the generated ID # may not be edited. |
Use identification mask for control analysis
|
Check this option so that the ID #s of the control analyses of the plans based on the plan are obtained through an identification mask. To do that, in the fields that will be enabled, select the desired identification mask and define whether the ID # will be enabled to be edited. Notice that only identification masks whose object is "Control analysis" will be available for selection. A detailed description of the fields has been made previously.
|
Analysis evaluation approval route
|
This option will only be displayed if the "Allow risk and control to be evaluated only in the draft step" option is not checked in the type that classifies the plan, or if the evaluation method associated with the type is not "Matrix (Self-assessment)". Check this option to have the risk and control analyses of the plans based on this plan go by approval. To do that, select the desired responsibility route. Use the other buttons next to the field to add a new responsibility route, edit the data of the selected route, and clear the field.
|
Revalidation
|
This field is only available if in the type that classifies the plan has been configured so that the validity of the plans based on this plan is managed. The following options are available:
▪Validity: This field will be completed by the system with the default time set in the validity setting associated with the plan type. If in the validity setting is defined that the default time is Fixed, this field may not be edited. If it is set to be Variable and the default time field has not been filled, enter the amount of time in days, months, or years, or the date by which the plan will be considered valid. If the field has already been filled in, the user can edit the value. ▪Revalidation: This field is completed by the system after the plan has been revalidated. Click on the  button to display the revalidation data displayed. ▪Validity date: This field is filled by the system after the plan has been approved, or after it has been revalidated, with the date until which it is valid, that is, on this date, the Expired plan task will be generated so that the revision/revalidation of the plan is performed again. |
|
This section will only be displayed if the plan type has revision control via Workflow or based on the ISO9000 standards. Thus, if it is necessary to complement the revision information, it is possible to access and edit its data. To do that, open the data screen of the record that is under revision and access the "Revision" section. At this point, the information regarding the revision that is in progress will be displayed in the record data:
This section displays general information on the plan revision:
General
In this section, it is possible to enter the Reason for creating the revision. The reasons displayed are recorded in the "Configuration  Revision Reason" menu. If you have permission, a button that allows creating a new reason will be displayed next to this field. This section also displays some information on the revision in progress, such as revision ID #, status or step, date and cycle.
Control
In this section, it is possible to define the dates scheduled for the start and end of the revision. The actual start and end dates are filled out by the system. This section also displays the user responsible for creating the revision. The responsible user for releasing the revision will be automatically filled out once the revision ends.
Description
Use this field to enter additional descriptions of the process revision.
Explanation
Use this field to justify the process revision. If it has been configured in the knowledge base, filling out this field may be mandatory.
|
This section will only be displayed for revisions whose type has been configured as the ISO9000 standard. Filling in the information in this section depends on the Route type selected in the plan type. If the route is:
▪Fixed & unique: The participants may not be edited. ▪Fixed: Participants may only be selected through a revision route. ▪Variable: Participants may be selected through a route or through the buttons in the bottom part of this section, displayed below.
Field
|
Cycle
|
Displays the number of the revision cycle. If so, select the previous cycles to view the members of the responsible route who performed the previous revisions of the plan.
|
Status
|
Displays the "Under revision" status while the revision is still in progress. After the revision is released, displays the "Finished" status.
|
Start
|
Displays the data on which the revision was created.
|
End
|
Displays the closure date of the revision.
|
Closure
|
Displays the data of the user who finished the revision. If the closure is automatic, the name of the user who executed the last configured revision step will be informed.
|
In the bottom part, it is possible to view and establish the participants of the requirement mapping revision route, according to the definitions of the type in question. If the configured route type is Variable and a revision route is entered, the participants will be displayed in the list of records on this tab. If no revision route has been entered, it is possible to configure the desired participants. To do that, use the toolbar buttons next to the list of records:
|
Click this button to add a participant in the plan revision. View the Configuring a revision route section to obtain a detailed description of how to add a new participant. If the participant is being added to a route associated with the revision, this addition will only be valid for the revision of the template, not being replicated to the route record made through the Configuration Revision Route menu.
|
|
Click on this button to change the sequence, deadline, or checklist of the participant.
|
|
Click on this button to view the responsibility flow of the revision route.
|
|
Click on this button to remove the selected participant. It will not be possible to remove those participants who have already received the revision execution task.
|
|
Click on this button to import the participant flow from another revision route already created in SE Risk. On the screen that will be opened, locate and select the desired route and save the selection.
|
Regardless of the route type, it will not be possible to add, edit, or remove participants from those steps that have already been executed.
|
|
Use this section to enter the changes that were performed in the template. Changes may be added both by the user creating the revision and by the drafters through the draft step in the Revision execution task.
To do so, click on the button and, on the screen that will open up, fill out the following fields:
Location: Location of the process in which the change was made.
Change: Description of the change made in the process.
|
Use this section to record the critiques related to the revision in progress.
Critiques may only be added when executing the revision steps. To add a critique, click on the button and, on the Critique tab of the screen that will be opened, enter the improvements that must be performed to the plan being revised.
In the draft step, this section will only be enabled to enter the solution that was performed. That is, this section will only be enabled in the draft step if a critique has been entered in the review, approval or release and the revision has returned to the draft step. In that case, click on the  button that will be available and, on the Solution tab on the screen that will be opened, enter the solutions that were applied to the plan.
|
This section will only be displayed if there is a checklist associated with the participant responsible for executing the step of the revision in progress. This checklist aims to assist the party responsible for executing the revision in question. In order to answer the checklist questions, select one of the answer options displayed to each question (Yes, No or N/A). The answers may have already been filled in by the system with a default option, defined when creating the checklist. In addition, the completion of the Comments may be mandatory if this has been configured in the checklist.
|
|
Through this section, it is possible to configure the security to be applied to the items (risks, controls, elements, treatments etc.) of the structure of the plan. For that, at the top of this tab, select one of the following options:
▪Public: Select this option so that any user has access to the items in the plan structure. ▪Restricted: Select this option to restrict the access to the items in the plan structure. At this point, the sidebar buttons will be enabled. Click on the button and fill out the fields on the screen that will be opened:
i.
|
In the Access type field, select one of the following options to set the access type that will compose the security list:
▪Team: It will be composed of the members of a team previously created in SE Risk. ▪Department: It will be composed of users from a selected department of the organization. ▪Department/Position: It will be composed of users from a specific department of the company, who have a specific position. ▪Position: It will be composed of users who hold a specific position in the company. ▪User: It will be composed of a specific user. ▪All: It will be composed of all users who have access to the SE Risk component. |
ii.
|
In the Controls field, it is possible to select the actions that may or may not be performed on the items in the structure of this plan. To do so, select the controls that will be granted to access the type selected previously:
▪Add: Adds items to the plan structure. ▪Edit: Changes the item data in the plan structure. ▪Delete: Deletes items from the plan structure. ▪View: Allows viewing the item data in the plan structure.
Use the buttons located next to the field to expand and view the list of controls, mark all available controls, and clear the markups you have made.
|
|
iii.
|
Select in the Permission field, if the controls checked previously will be granted or denied for access type.
|
iv.
|
According to selected access type, Filters will be enabled to be filled out. Use them to facilitate the search of users who will form the security list.
|
v.
|
After that, click on the  button on the toolbar of the selection screen. Depending on the access type selected and the values entered in the filters, the result will be displayed in the list of records, located at the bottom of the screen. Select the ones that will compose the security list and save the record. Hold the SHIFT or CTRL keys down or check next to each item to select more than one record at a time.
|
|
In the Documentation section, associate attachments, documents and security data sheets related to the risk plan.
▪Attachment: Use this section to associate the attachments related to the risk plan. Refer to the Adding attachments section for further details on how to add and/or associate attachments. ▪Document: Add or associate, through this section, the documents related to the risk plan. Refer to the Adding documents section for further details on how to add and/or associate documents from SE Document.
The Document section will only be enabled if SE Document is available in the same license key.
|
|
In the SWOT analysis section, it is possible to associate the SWOT analysis performed for the plan. To do that, click on the button on the side toolbar and on the screen that will be displayed, locate and select the desired SWOT analysis. Use the other buttons on the side toolbar to edit the data and delete the selected analysis.
|
In the History section, a timeline is presented with the main events that have occurred in the plan until the current moment. It is possible to add comments regarding each event.
|
Click on this option to access the plan structure data screen. See more details about how to assemble the plan structure in the Assembling the plan structure section.
|
Once done, assemble the structure of the created plan. To do that, select the plan from the list of records on the main screen, and click on the  button. Refer to the Assembling the plan structure section for details on how to associate risks, controls and elements with the plan structure.
|
