Keywords: Risk, risk side panel, risk dashboard, heat map, inherent, residual, target, response, controls, documents, action items, BoardX, admin
The Risk side panel is the report-style view that opens from the Risk Dashboard. It gives you everything important about a Risk in one place — the current cycle's scores, what's mitigating it, the response plan, and the actions in flight — without leaving the dashboard.
Who can use the Risk side panel?
The Risk side panel is available to Tenant Owner, Admins, and GRC Admins on tenants where the Risk workspace is enabled.
Step 1: Open the Risk side panel
There are a few ways to open the Risk side panel, depending on where you are in BoardX.
From the Heat Map. On the Risk Dashboard, open the Heat Map and click any Risk plotted on it. The side panel slides in.
From the Charts view. Switch the Risk Dashboard to Charts view, find the Risk in the list of risks, and click it.
From the GRC List. Open the GRC List and go to the Risks section. Click any Risk in the list to open its side panel.
No matter where you opened it from, the panel itself works the same way. To close it, click the X in the top-left corner.
Step 2: Get to know the header
The top of the panel has two rows of context.
The first row holds the action controls: a To Risk page button that opens the full Risk page in a new tab, an Action button (which adapts to the Risk's status — for example, Monitor — and includes options like Request Assessment), and a 3-dot menu with Delete, Send Reminder, and Export Risk Report.
Below the actions, the Risk's name is shown as a heading. Click the name to make it editable in place, type the new name, and save.
The second row shows quick-reference fields:
Number — the Risk's ID (for example, RSK0002).
Owner — the person responsible for the Risk.
Entity — the entity the Risk belongs to.
A date field that changes meaning by status: Next Cycle Launch date when the Risk is in Draft, Monitoring, or Paused, or Due date when it's in Assessment or Response. If the Risk is in Draft and there's no date set yet, you'll see Not defined.
Response — the response strategy chosen during the response step.
Target status — On Target or In progress. (Residual score below or above risk target) Only appears when a Target has been set.
Step 3: Use the three tabs
Below the header, the panel has three tabs.
The Overview tab — covered in this article — is the report view of the current cycle: the scores, the linked items, the response plan, and the actions.
The Risk Activities tab is where you actually work the Risk through its lifecycle, step by step. See Risk side panel: Working through Risk Activities.
The History tab shows every cycle the Risk has been through and the activity log for each one. See Risk side panel: Risk History & exporting.
Step 4: Read the Current cycle progress
At the top of the Overview tab, the Current cycle strip shows where the Risk is in its lifecycle: Draft, Assessment, Response, Monitoring, and the Next Assessment date. Each milestone is checked off as you pass it, with the active stage highlighted.
Step 5: Use the action buttons
Below the cycle strip, three buttons let you act on the Risk without leaving the panel.
View Risk Movement opens the Risk Movement modal, which shows how the Risk's scores have changed over time.
Export Risk Report downloads a Risk report for the individual Risk. (This is the same export as the Export Risk Report option in the 3-dot menu.)
Edit Risk details replaces the report view with an edit form so you can change the Risk's setup. Covered in detail in the next article.
Step 6: Read the Assessment Graphic
The colored arrow in the middle of the Overview tab is the heart of the panel. It pulls together the current cycle's scores and the items mitigating the Risk:
INHERENT — the score before any mitigations. Shows the Updated date so you know how fresh it is.
RESIDUAL — the score after mitigations. Also shows an Updated date.
TARGET — the goal score. If a Target hasn't been set, you'll see a Not set badge instead.
Sitting on the arrow itself are tiles for the items that move the Risk between Inherent and Residual:
Controls — counter showing how many Controls are linked.
Documents — counter showing how many supporting documents are linked.
Response plan — appears once a Response task has been created and a response plan file attached.
Actions — counter showing how many Action tasks are in flight.
Click any tile to scroll straight to the corresponding section below.
Step 7: Review and edit the linked sections
Below the graphic, the Overview tab has a series of sections you can scroll through.
Risk Groups. A multi-select field listing every Risk Group this Risk belongs to. The field is editable, has a search, and works the same way as on the Risk Details tab.
Linked Controls. A table of every Control mitigating this Risk, with columns for Number, Name, Entity, State, and Owner. You can filter by Entity, Entity Group, State, or Owner, and sort by Name or State. The table only appears when at least one Control is linked.
Linked Documents. A table of every supporting document linked to the Risk, with columns for Name, Last modified, and File size. Sortable by Name or Last modified. Only appears when at least one document is linked.
Response plan. Pulls in everything from the response step — the Strategy (for example, Accept), the Strategy description (the canned guidance text that goes with the strategy), the Response plan document if one was attached (click the tile to preview, or download the file), and any Comment left during the response task.
Action Items. A table of every Action task created from the Risk, with columns for Name, Creation date, Due date, Status, and Assigned to. Sortable by Name, Creation date, or Due date. Only appears when at least one Action task exists.
All tables show up to 5 rows by default, then paginate.
Assurance notes. A list of the assurance notes captured against this Risk, with each note's author, date, and content. This is the same set of notes managed from the Assurance step on the Risk Activities tab — the section here is the read-friendly view that lives alongside the rest of the Overview.
What's next
Risk side panel: Editing Risk details — using Edit Risk details to update Description, Risk Assessment Method, Frequency, Appetite, Target, and the cycle schedule
Risk side panel: Working through Risk Activities — the 8 numbered steps from Inherent Assessment through Assurance
Risk side panel: Risk History & exporting — cycle tiles, the activity log, and the Risk History export
Need help?
If you get stuck, click the chat bubble in the bottom-right corner of any Risk page — we're happy to help.