Skip to main content

How to Send a Risk Approval

Complyance Support
Updated

Introduction

Risk approvals create a formal, documented sign-off trail for risks in your register.

Approvals can be used at several points in the risk lifecycle - when a new risk is added to the register, when risk levels change, to sign off on a treatment strategy, as part of a periodic review cycle, or after an incident. You can require approval from a single stakeholder or from multiple approvers where governance demands it.

You can begin an approval by navigating to the Risk Register from the left-hand sidebar in Complyance, then selecting the risk you want to send for approval.

Opening a Risk for Approval

Open the Risk Register and click on the risk you want to send for approval. This will open the Risk Drawer, where you can access all relevant details.

On the right-hand side of the drawer, select the Approvals Tab to view any existing approvals on the risk or to request a new one.

Creating the Approval Request

Open the Approvals Tab on the right-hand side of the risk and click ‘Request a new approval’.

To log a new approval request:

  1. Select the Approval Reason — for example, “Addition of risk to the register.” You can select multiple reasons where more than one applies.

  2. Add a Description explaining what you want the approver to focus on, such as review a new risk, the risk levels or treatment details.
  3. Select the Approvers from users in your Complyance environment.
  4. Set the ‘Approval required from all’ toggle: 
    1. ON if every listed approver must approve

    2. OFF if any one approver is sufficient (the first approver will make the decision).

  5. Set the Due Date to drive reminder notifications for the approver.
  6. Set the Expiration Date in line with your review policy.

Once complete, click ‘Send’ to submit the request. The risk status on the Approvals Tab will update to Awaiting approval, with the approver count (for example, 0 of 2) displayed against the request.

Responding to the Approval Request

When an approval is sent, the approver(s) will receive an email notification and a notification directly in Complyance. The approver can review the approval directly in their email, or open the link to take them to the risk in Complyance.

To respond to the approval request, open the link directly from the request, or open the risk, click on the approvals tab and select the 3 dots next to the approval to respond to the request.

When the approver opens the request, they can review the risk details, add comments, and submit a response directly from the approval record. There are 4 available responses to the approval request:

  • Approved: The approval is recorded against the risk, with the approver’s name and response date logged.
  • Tentatively approve: Approved with conditions or pending follow-up actions
  • Needs more information: Approval is on hold until additional details are provided
  • Reject: The request items are not approved

If a response of Needs More Information is returned, you can easily review this response at any time in the approvals tab. Select the 3 dots, and open the view approvers options

Following your updates to the risk to address the feedback, open the approval, select ‘View approvers’, and click ‘Resend approval request’. The status will return to Waiting for Approval until the approver responds again.

After Approval

Once the required approver(s) have approved the request, the risk shows as approved on the Approvals Tab, with the response date recorded. The Expiration Date determines when the approval will need to be refreshed.

When the risk next comes up for review, check the Approvals Tab to confirm the approval is still valid. If the approval has expired, submit a new approval request as part of the review.

 

Still have questions? Reach out to our support team via the Support Center for assistance.

Related articles