Skip to content

Treatment plan & measures

Purpose🔗

In the Treatment Plan you define how identified risks are handled. Typical options include accept, mitigate, transfer, or avoid. For mitigated risks, concrete measures with responsible persons and deadlines are defined.

Usage🔗

  1. Open the Treatment Plan section.
  2. Select a risk with an elevated or critical risk class.
  3. Choose a treatment option for each risk
    (e.g. accept, mitigate, transfer, avoid).
  4. For mitigated risks, create one or more measures:
  5. Measure title
  6. Measure description
  7. Responsible person or role
  8. Due date / target date
  9. Link — if available — existing measures from other modules to avoid duplication of effort.

Reusing Measures🔗

Instead of creating new measures for every risk, you can reuse existing measures:

  1. In the treatment plan, click the chain icon or "Link measure".
  2. Select an existing measure from the list.
  3. Link it to the current risk.

This way, generic measures such as "Update backup concept" or "Conduct emergency drill" can be used multiple times without having to duplicate them.

Status Tracking🔗

Each measure has a status, e.g.:

  • Not started
  • In progress
  • To be approved
  • Completed

Additionally:

  • Responsible persons and approvers receive email notifications when deadlines are reached or exceeded.
  • All measures — including those from other modules — are consolidated in the central Findings & Measures section, where they can be filtered and edited.

Connection to Residual Risk🔗

The planned and implemented measures form the basis for assessing the residual risk.
Depending on the effectiveness of the measures, likelihood and impact can be rated lower in the residual risk assessment.

Notes & Best Practices🔗

  • Focus on risks with a high or critical risk class.
  • Plan fewer, clearly formulated measures with realistic deadlines rather than many vague actions without clear responsibility.