thank you for your post, I was searching for so long for someone to take this approach. I am totally inexperienced in designing from scratch a risk assessment and I am petrified at the thought that the external auditors will non-conformance whatever RA I might be able to produce! Has yours passed any audits yet? and would you like to share the improved version of this RA? The only part which I did not get is the 'outcome decision criteria' from the 'header' of each page as I was expecting to see there the combined scores from 'Severity' and 'Probability', and not still individual scores, but as I said I am very new to all of this. Thank you again for sharing your RA.
thanks for your compliment as well as everyone else.
I have been using this RA for Internal Audit since 2016 and have been validated by my 3rd Party during my audits (which means, yes I passed with the way I designed it.)
As far as the version goes, I still use the same template and edit my Clauses based on non-conformances from previous audits.
Attached is an SOP I'm working for RA. (of course overdoing SOPs with Risk Analysis). Its not perfect, but as you can see when you view it, I'm expanding the risk grading scale because I want to start breaking down my low risk, medium risk and high risk further.
Hopefully, when you read the SOP you should understand the Outcome Decision.
Good luck everyone on your Risk Analysis! It takes time, but its all a learning situation.
Lastly, I'm more embarrassed with my non-conformances which should never happen! But its life, throwing wrenches in everything!