SoftComply Risk Manager FAQ

Which permissions do I need for the SoftComply Risk Manager?

Please read security and permissions related questions at Risk Manager Security.


What happens if my evaluation period ends?

If your evaluation period ends and you have not purchased the license, the SoftComply Risk Manager’s functionality will stop working. You will have all the data you have entered available as regular Jira issues, but no access to Risk Manager tools, i.e. the risk management table, the risk matrices and the reporting.

If you choose to purchase a license, all features will become available again.

Why do I see empty risks in my table?

When you create a new mitigation action or a new verification action right into the risk management table, they will be generated into the same risk management project as a new risk, on a new row of the same risk management table. Since mitigation and verification actions are usually issues from another project, creating them into the same risk project will leave the other risk related fields empty, e.g. ‘Hazard’, ‘Harm’, ‘Cause’, etc.

To avoid empty risk rows from appearing, ensure you select the correct project where you want to create the new issue. If you intentionally need to create new risks by using the “+” feature in the “Mitigation Links” column or the “Verification Links” column, fill in the missing values later in the table. Alternatively, reconfigure your JIRA “create issue” screen by adding all the missing custom fields on it (see administration guide for how to do this).

Why can’t I create a new Risk Project?

Please have a look at the SoftComply Risk Manager configuration and answer the following questions:
1. Is your server base url set up correctly?

It should not be host://localhost…

For testing purposes the base url is often left untouched, but in order to have SoftComply Risk Manager work properly you need to set it up as described in Jira installation guide. Base url is the most important setting in your Jira installation!


2. Has the SoftComply Risk Manager app created the necessary custom fields during the installation?

You can see that under customfields list (locked custom fields) and search for fields named: Hazard, Harm, Severity, Probability, Cause.



3. Do you have all the necessary permissions?

Quick summary:

  • In order to create Risk Projects you need Jira Global Admin rights .
  • In order to customise matrices and table layout you need Administer Project permission.
  • In order to add new columns (i.e. create new custom fields) in table you need Jira Global Admin rights.
  • In order to work with risks you need regular issue related permissions (Browse project, Create/Edit/Link/Resolve/Transition/Assignable user/Assign issues).

See top of the page to read more!


4. You can also see what causes the form not to load, i.e. you not to be able to create a new Risk Project from you browser console.

The screenshot below has incorrect base url and it causes the problem you might have:


To open the dedicated Console panel in Chrome:

·  Press Ctrl+Shift+J (Windows / Linux) or Cmd+Opt+J (Mac).
·  If DevTools is already open, press the Console button.
·  Then just reload any page where the menu is missing and look whether you can see any red errors in the console.
·  Take a screenshot of that and share it with us.


5. If you still experience problems with creating a new Risk Project with the SoftComply Risk Manager, please share your Jira application support logs with us so that we can help you.

You can generate support zip from Jira Administration -> System -> System Support -> Troubleshooting and support tools (we need only Jira application logs and tomcat logs).



Why do some Severities automatically change when I update the Severity of one Risk in a Risk Project?

This is a feature of the SoftComply Risk Manager app that is related to the requirement of ISO 14971 for medical device risk management where one harm is always having the same Severity throughout one risk project.

In case you update the Severity of a risk, the SoftComply Risk Manager app will check all the risks in the risk project that have the same Harm and it will then update their Severity as well to keep the risk data consistent. 

This features is enabled by default when you create a risk project – on the last screen of the New Risk Project Creation wizard there is an option to “Enable strict Harm and Severity mapping”.

In case you would like to use the SoftComply Risk Manager to manage other types of risks (e.g. project risks, cybersecurity risks, etc) where you’d like to have different Severity levels for risks that have the same Harm, then you can disable this mapping when you create a new risk project. Note that this feature can only be changed when creating the risk project and cannot be modified later.

On topics regarding Jira and Confluence, please see Atlassian Community forums