Add Risk Controls

When to Use This

After you’ve created a risk, add controls to document what you’re doing to reduce it. Controls are the actions, policies, or procedures that make the risk less likely or less severe.

Steps

Open the risk

From Registers → Risk, click on the risk you want to add controls to. Click Edit Controls.

Add your controls

Describe each control — what are you doing to reduce this risk?

Examples:

“Annual trainer qualifications audit”
“Student feedback surveys after each course”
“Weekly backup of student records”

You can click Suggest Controls to get AI-generated ideas based on your risk.

Assess residual risk

After adding controls, rate the risk with controls in place:

Residual Likelihood: How likely is this now?
Residual Impact: How severe would it be now?

This should typically be lower than your inherent rating — that’s the point of having controls.

Set a review date

Choose when you’ll next review this risk. This is required to activate the risk.

Once you set a review date, you can change it but you can’t remove it.

Save

Click Save. The risk status changes from Pending to Active.

What Happens Next

The risk matrix on the details page shows both your inherent risk (before controls) and residual risk (after controls)
The risk appears as Active on your register
You’ll receive reminders as the review date approaches
RTOSafe updates the AI analysis to reflect your controls

Reviewing Risks

When a review is due, open the risk and check if anything has changed. Update ratings or controls if needed, then set the next review date. RTOSafe tracks all changes in the risk history for your audit trail.

Common Issues

Residual risk is the same as inherent risk

Your controls may not be effective enough, or you may need to reconsider your ratings

Can't save without a review date

A review date is required to activate the risk. Choose a realistic review period based on how volatile the risk is

Want to add more controls later

You can edit controls at any time from the risk details page