Comparison of Risk Management Apps on Jira Cloud

April 9, 2020

Following our previous post where we compared the 4 top risk management apps on Jira Server, in this post we are comparing the features of the 2 most popular risk management apps on Jira Cloud. One of them is for product and project risk management (SoftComply Risk Manager) and the other for organisational risk management (Risk Register) purposes.

The product risk management app, SoftComply Risk Manager, offers three risk management templates – Hazard Analysis, FMEA and a Simple Project Risk Management template, and is fully customisable to any risk management project.

The organisational risk management app (Risk Register) has been developed for managing organisational risks and is based on ISO 31000 risk management process.

To compare the features of the two risk management apps, the table below illustrates the apps’ main use cases, their ease of use and customisability, risk visualisation, risk mitigation, risk traceability, and risk reporting functionalities.

Use Cases

SoftComply Risk Manager

Risk Register

 

Product/software risk management
+
Project risk management

 

Organisational risk management


 

Ease of Use

SoftComply Risk Manager

Risk Register

 

Fully customisable Initial and Residual Risk Matrix for each risk project
+
fully customisable risk table view

+

 

One risk matrix configuration for the entire organisation, configuration customisable:

 

 

Risk Visualisation

SoftComply Risk Manager

Risk Register

 

Risk Matrices – users can see both the initial and the residual risk matrix in this view;

+

Risk Table view:

  • Hazard analysis template (ISO 14971 compliant); or
  • FMEA template (IEC 60812 compliant); or
  • Generic risk project template.

 

Hazard analysis table view:

 

FMEA table view:

 

Simple project risk management table view:

 

Risk Matrix view – users can choose between inherent and residual risk matrix view;

+

Risk Register view –  a list of identified risks with inherent and residual risk classes

 

 

Risks in Jira Issue View

SoftComply Risk Manager

Risk Register

 

Jira issue view displays the details about each risk, their initial and Residual Severity and Probability as well as Risk Class values:

 

Jira issue view displays the links as well as Severity and Probability values of the risk:

 

 

Risk Mitigation

SoftComply Risk Manager

Risk Register

 

Users can add links to Mitigation Actions (mitigates/is mitigated by) and Verification Actions (verifies/is verified by) + additional links to Jira issues that they can create themselves either in Jira issue view or in Table view.

Mitigation and verification actions with links in Risk table:

Users can add additional links to Jira issues in the Risk Table:

 

Users can add additional links to risks also in Jira issue view:

 

Users can specify only Jira’s own link types to risks, i.e. there is no custom link type in Risk Register for risk treatment.

Users can link risks to Treatment only in Jira issue view:

 

 

Customisability

SoftComply Risk Manager

Risk Register

 

Risk Matrix is fully customisable – users can add Probability and Severity levels & define and edit Risk Classes:

+

Risk Table view is fully customisable – users can edit their selected templates by renaming columns, adding different types of columns, hiding and re-ordering columns, and sorting and filtering the data in the table.

Users can add various column types to the table:

 

Data in the table can be sorted and filtered by the user:

 

Columns in the risk table can be re-ordered, renamed and hidden:

 

Risk Matrix is fully customisable – users can add Probability and Severity levels & define and edit Risk Classes:

 

 

Risk Traceability

SoftComply Risk Manager

Risk Register

 

Risk Traceability for each risk is automatically generated in the Table (in Traceability Column) based on all the user-specified links to other Jira issues or hyperlinks:

 

 

No automated traceability

 

Risk Reporting

SoftComply Risk Manager

Risk Register

 

Automated custom reporting:

Risk Management Plan provides an ISO 14971 compliant pre-filled template that includes the configuration of the Risk Matrices of the user-specified risk project. Plan is customisable;

Risk Management Report provides an ISO 14971 compliant pre-filled template that includes the Initial and Residual risk matrices with the count of risks with their Risk Classes per matrix. Report is customisable.

Risk Management Plan template:

 

Risk Management Report template:

 

No automated custom reporting

 

Dashboard Gadgets

SoftComply Risk Manager

Risk Register

 

Risk Matrix dashboard gadget where users can choose if they wish to see Initial, Residual or both Risk Matrices in their dashboard:

 

Risk Register dashboard gadget where users can choose if they wish to see either the Inherent or Residual Risk Matrix:

 

Table of Contents

Ready to get started?

Contact us to book a demo and learn how SoftComply can cover all your needs

New Cybersecurity Risk Management Features in Jira
Picture of Marion Lepmets

Marion Lepmets

CEO
November 8, 2024

The Role of Cybersecurity in Medical Device Safety The Global medical device market is a $800 billion business that is rapidly growing, especially in the area of software as a medical device (SaMD). The majority of the SaMD segment is made up of the digital health and digital therapeutics solutions,...

Medical Device Compliance Guide
Picture of Marion Lepmets

Marion Lepmets

CEO
September 23, 2024

Introduction This medical device compliance guide focuses on the key requirements and strategies for navigating the regulatory landscape. We will cover the role of major regulatory bodies like the FDA, the classification of devices, and the importance of quality management. We will also discuss the challenges of global compliance and...

CVSS-FDA-cybersecurity-medical-devices-1712x599-c
Picture of Matteo Gubellini

Matteo Gubellini

Regulatory Affairs Manager
September 16, 2024

This case study describes the experience of a multinational medical device manufacturer meeting the FDA cybersecurity requirements. The company is operating in the MedTech sector developing a class 2/IIb device consisting of hardware and software. The company spent about 2 years working on the security risk management of the device....