How to Report Risks in Jira

February 18, 2022
Table of Contents

    Introduction

    When you manage your product risks in a highly regulated industry, you are well-aware that it is a business-critical and ever-lasting journey. While you may be continuously on this journey, your colleagues, managers and auditors often want to get a quick overview about it. There are those who will want to understand the statistics about which department deals with the most critical risks. And those who would like to understand if all unacceptable risks are covered by mitigation actions. And still some who want to see even more details like the history of each risk over time.

    After having talked to a countless number of Risk Managers about their reporting needs, we have added new risk reports to our Risk Management apps on Jira. If you are managing your risks with the SoftComply Risk Manager or Risk Manager Plus already, you will greatly benefit from these new reports. If you are not using the SoftComply Risk Manager or Risk Manager Plus yet, please book your DEMO here to learn more about them.

    In this blog post, we will provide you with an overview of new Risk Reports that are available on Jira Server and Data Center. About Risk Reporting in Cloud, you can check out more in our previous blog post on Risk Reporting in Jira and Confluence Cloud.

    Risk Reports in Jira Server and Data Center

    The following risk reports are now available for the SoftComply Risk Manager and Risk Manager Plus apps on Jira Server and Data Center.

    Risk History Report

    Purpose: Risk History report provides you with an overview of changes made to each risk throughout the lifespan of that risk together with the user who made the changes and the timestamp of when the changes were made.

    Presentation: Risk History report provides a graphical interpretation of changes made to risk parameters like Severity and Probability that impact the overall Risk Class. Each point of change highlights the changes made, who made the changes and when.

    Risk History can be accessed either in Dashboard where the user can select the risks to be displayed or in the custom Risk Report. In addition to that, you can view the history of each risk also individually in Jira issue view.

    Risk History of a single risk in Jira issue view:

    Risk History of multiple risks as Jira Dashboard Item together with detailed history log:

    Risk Traceability Report

    Purpose: Risk Traceability is a vital tool for providing a quick overview of the completeness of risk management often used in the regulated industries. The traceability matrix shows the coverage of risks by mitigation and verification actions. For example, in the medical device industry, both the FDA and ISO 14971 require bi-directional traceability to be established between risks, requirements and tests.

    Presentation: Risk Traceability report is provided in the format of a two-dimensional traceability matrix displaying the link type (e.g. “is mitigated by”) and the direction (small arrow pointing to the target) between risks and other Jira issues of your choice. The matrix is fully customisable and the user can specify the risks and Jira issues to be mapped as well as the link types to be displayed.

    Risk Traceability report can be viewed either in Jira Dashboard or in the custom Risk Reports view.

    Risk Traceability matrix in Jira Dashboard:

    Risk Traceability Report in Custom Jira Reports (user-specified view of a subset of links):

    Risk Table Report

    Purpose: Lots of Risk Managers are (or have been in the past) using Excel for managing and calculating risks. Because Risk Managers need to map risks with software requirements and tests that are (increasingly) being specified in Jira, we have created a Risk Table view for risk managers who are used to managing risks in a spreadsheet view.

    Presentation: Risk Table Report allows visualising user-specified risks in a spreadsheet view. Risk Table Report can be accessed either in Jira Dashboard or as a custom Jira report.

    Risk Table Report in Jira Dashboard:

    Risk Matrix Report

    Purpose: Risk Matrix report provides a visual overview of identified and residual risks. Risk Matrix report can be used for both ISO 14971 Risk Plan (to describe the configuration of the Risk Model) as well as Risk Report (together with Initial and Residual risks).

    Presentation: Risk Matrix report is fully customisable – users can choose which risks to display from which project and whether to display only the Initial Risk Matrix or the Residual Risk Matrix or both together.

    NOTE: For those of you who have been using the Risk Manager or the Risk Manager Plus on Server or Data Center, the Risk Model View has now been replaced with a Risk Matrix View displayed below. Risk Matrix can be customised by Admins via the “Configure” button on the menu above the Risk Matrix.

    Risk Matrix reports can be accessed either in Jira Dashboards or in custom Jira reports. Risk Matrix report pulls data from the Risk Manager or Risk Manager Plus Risk Matrix page. Risk Matrix Report in Dashboard can be fully customised in the Dashboard item Settings page as illustrated in the pictures below.

    Risk Matrix (Risk Model View):

    Risk Matrix Report in Dashboard can be fully customised in the Dashboard item Settings page as illustrated in the pictures below.

    Risk Matrix Report Settings Page in Jira Dashboard:

    Risk Matrix Report in Dashboard can be fully customised in the Dashboard item Settings page as illustrated in the pictures below.

    Risk Matrix Report in Jira Dashboard customised on Settings page:

     

    Summary

    Risk Management in the regulated industries is a crucial and often scrutinised process to ensure that the product is safe to use prior to placing it to market.

    SoftComply has developed two risk apps on Jira to help regulated industries capture, manage and report product risks.

    We would be happy to demo our apps to you anytime – feel free to book a DEMO call with our experts. We would also love to hear more about your specific risk management requirements so as to support you better. Feel free to send us your feedback and/or risk management requirements.

    By Marion on 18 Feb 2022

    Table of Contents

    Ready to get started?

    Contact us to book a demo and learn how SoftComply can cover all your needs

    New Cybersecurity Risk Management Features in Jira
    Picture of Marion Lepmets

    Marion Lepmets

    CEO
    November 8, 2024

    The Role of Cybersecurity in Medical Device Safety The Global medical device market is a $800 billion business that is rapidly growing, especially in the area of software as a medical device (SaMD). The majority of the SaMD segment is made up of the digital health and digital therapeutics solutions,...

    Medical Device Compliance Guide
    Picture of Marion Lepmets

    Marion Lepmets

    CEO
    September 23, 2024

    Introduction This medical device compliance guide focuses on the key requirements and strategies for navigating the regulatory landscape. We will cover the role of major regulatory bodies like the FDA, the classification of devices, and the importance of quality management. We will also discuss the challenges of global compliance and...

    CVSS-FDA-cybersecurity-medical-devices-1712x599-c
    Picture of Matteo Gubellini

    Matteo Gubellini

    Regulatory Affairs Manager
    September 16, 2024

    This case study describes the experience of a multinational medical device manufacturer meeting the FDA cybersecurity requirements. The company is operating in the MedTech sector developing a class 2/IIb device consisting of hardware and software. The company spent about 2 years working on the security risk management of the device....