Risk Assessment Scoring and Rating based on your Risk Policy

Modified on Mon, 31 Jul, 2023 at 4:39 PM

Introduction

C1Risk enables you to use your own risk scoring methodology to value score your risk assessments. Choose one or more scoring variations, based upon the type of risk evaluated and or configure assessments to any risk score protocol, as follows:


Assessment Question Scoring


Assessment questions with fixed responses can be scored for risk and support the auto-creation of findings, all configurable when the Assessment Template is created. 


Click here for a full list and description of question types 


The types of questions that are scorable are as follows:

  1. LIST Questions 
  2. Checkbox Questions

Example


Question Scoring Methodology

  1. Scoring is positive/cumulative (i.e. risk incurs points that add up to a maximum score as opposed to deductive)
  2. Each assessment has a maximum score based on the number of questions and the total number of possible points (EG. 100 Questions/1 point per question = Maximum achievable score of 100).
  3. The Risk Rating will then auto-calculate:

(Assessment Score / Maximum Score) *100


Risk Rating the Asset/Vendor/Engagement Rating

Asset/Engagements/Vendors ratings can be established and auto-calculated in the C1Risk platform based on a fixed methodology, i.e. your Risk Management Policy Risk Classifications for Low, Medium, High Risk. 


Up to five levels are configurable in the platform, based upon your classifications (Low, Medium Low, Medium High, High, Critical, etc.)


Select your thresholds for risk in the platform, as follows:


  1. Go to your Administration Tab and select Risk Policies then use the drop-down menu to Add New


2. Complete the following steps:

  1. Name the Risk Policy (Note you may have multiple and set one to default)
  2. Add the desired number of risk levels (up to 5)
  3. Name the levels.
  4. Drag the scoring bar to the appropriate percentage value.
  5. Click SAVE


Understanding the Assessment Details Summary

  1. Total Questions: The total number of questions in the Assessment
  2. Answer Score: The actual score from this respondent for this specific assessment
  3. Max Score: The maximum possible number of points for this assessment template
  4. Risk Score: Provides the Risk Rating ((Answer Score/Max Score) * 100)
  5. Risk Rating: Assigned based on Risk Policy Rating thresholds and the corresponding Risk Score.






Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article