How to use Risk Appetite Logic to define thresholds for Risk

Explanation #

Risk Appetite in Symbiant works in a fallback approach,

Meaning every Risk will always have an appetite, but the value depends on where you let the logic fallback to,

The flow of Risk Appetite is as follows (Starting at Individual Risk);

In the above, if you assign an appetite to an individual risk that will be its appetite, (I.e. 2 in this example)

If no appetite is given to the risk, it will fall back to the selected Risk Category and that will be its appetite, (I.e. 5 in this example)

If no appetite is given to the risk category or no risk category is selected, it will fall back to the Risk Score Set and that will be its appetite. (I.e. 10 in this example)

Individual Risk #

Each individual risk can select an appetite value, (The Options are based on the selected Risk Score Set)

Risk Category #

Every Risk Category can have its own individual appetite value, these are set by Risk Admins, and then can be utilised by all users within the Risk Registers.

More Information on Managing Risk Categories

Risk Score Set #

This is configured by Risk Admins, and they can add a default Appetite to fall back to, and all of the individual risk appetite options.

The appetite warning level is how far away from appetite the risk score is before going, Amber. 0.1 means as soon as it’s over appetite.

The appetite breach level is how far away from appetite the risk score is before going Red. 1 means as soon as it’s a full point over appetite.

More Information on Risk Score Sets