GuardianERM.Net Help Table of Contents
Control Level
Guardian compares the effectiveness of control against the corresponding risks. The control level can be viewed as a number from 0 to 5 and is a measure of the effectiveness of the control over the risk:
|
Level |
Effectiveness |
% Equivalent |
|
0 |
Not Effective |
0% |
|
1 |
Slightly Effective |
20% |
|
2 |
Somewhat Effective |
40% |
|
3 |
Reasonably Effective |
60% |
|
4 |
Mostly Effective |
80% |
|
5 |
Very Effective |
100% |
Alternatively, you may assign a percentage effectiveness equivalent to the control level as above. For example, Level 4 means the control is effective 80% of the time. Level 0 can be used to mean the control has not yet been rated. When a risk is being treated, the
consequence of the risk if it eventuates or the likelihood of the risk happening or both can be reduced. Guardian allows you to specify the control effectiveness for both the
consequence and likelihood of the risk.
Note: Residual Risk = Inherent Risk Level X (100 - Control Level % Equivalent)
Where there is more than one control attached to a risk, the Effective Control is the measure of the combined effect of all the individual controls attached to the risk. The system assumes that the individual controls are independent of each other. When two controls are implemented together they produce a synergy effect, that is, the combined controls are more effective than the sum of the individual controls, you may either increase the effectiveness of one or both of the controls AND/OR accept the residual risk (if there is a residual risk after the controls) noting the synergy effect in the Accept Residual Risk Reason field.