Aller au contenu principal

9. Manage Remediation Plans

Once a risk has been identified and a risk response has been provided, the next step is to create a Remediation Plan (RP) to address and mitigate the risk effectively.

This section outlines the process for creating, managing, and tracking remediation plans. The Risk Analyst is responsible for defining and maintaining remediation plans.


Steps to Add a Remediation Plan

  • Navigate to the “Risk Assessment” tab within the Risk Demand section.

  • Navigate to the “Remediation Plan” section.

  • Click on the blue button labeled '+ Add RP' located on the right side of the interface.

    Add_a_RP-2.png

The RP_ID will be automatically generated for the new remediation plan entry. Once the remediation plan is created, you can begin defining its details.


📌 Note: A Remediation Plan cannot be created if the risk response is set to "Avoid", "Accept." or “Transfer”.


Remediation plan options overview

For each Remediation Plan that has been added, the following options are available:

Add a Comment

Facilitate discussions and collaboration with stakeholders.

Add Evidence

Attach supporting documents or proof to validate the remediation plan.

Delete RP

Permanently delete the remediation plan (a confirmation prompt will appear).

Resource Owners

Designate responsibility for managing and mitigating the remediation plan.


These options ensure that remediation plans are actively managed, tracked, and documented throughout their lifecycle. This structured approach provides:

  • Transparency: Clear visibility into actions taken.
  • Accountability: Defined roles and responsibilities.
  • Consistency: A repeatable process for risk mitigation efforts.

Define Remediation Plan Details

At this stage, the Risk Analyst is responsible for providing key details to ensure clarity, accountability, and effective tracking.

For each Remediation Plan, the following information must be specified:

Contact

  • Remediation Plan Responsible: Designate the person accountable for overseeing and executing the plan.

Due Date

  • Remediation Plan Due Date: Set a deadline for the completion of the remediation activities.

Description

  • Remediation Plan Description: Provide a clear and concise summary of the remediation actions to be performed.

Implementation Challenges

Identify any challenges that may affect successful implementation.

  • RP Implementation Difficulty (Level 1, 2, 3): Assess and categorise the complexity of the remediation plan.
  • RP Implementation Challenge (Text Box): Add detailed notes or context about specific challenges that might arise during implementation.

Repeat these steps for each Remediation Plan created.

This structured approach ensures that every remediation plan is clearly documented, easily traceable, and aligned with the overall risk management objectives.


Demand Diagram Summary

Once created, the Remediation Plan (RP) is automatically referenced in the Demand Diagram Summary. This ensures that remediation plans are **visually represented and easily traceable **within the overall risk demand workflow.

To view the latest changes, refresh the page.

Example:

Demand_Diagram_Summary-2.png


Remediation Plan Registry

When a Remediation Plan is created, it is automatically added to the Remediation Plan Registry, which serves as a centralised database for tracking all remediation plans.

The Remediation Plan Registry ensures:

  • Visibility: Easy access to all remediation plans across different risks.
  • Accountability: Clear ownership and status updates.
  • Traceability: A structured record of mitigation actions taken.

Further details on the Remediation Plan Registry will be covered in the Remediation Plan registry module section.