Multiplier on Preventative/Mitigative Risk Controls
Sometimes a mitigative control will not be as effectiveness as a preventative control (even though they are assigned the same Control Effectiveness). With the implementation of multiplier on Preventative/Mitigative Risk Controls, users can now set the weighting on those Risk Controls, i.e. making Mitigative Risk Control less important by reducing the multiplier to less than 1.
Solution: Preventative/Mitigative Control Multiplier
Navigate to the Configuration Editor, Register Policies > Controls and you will find two new options:
In this example, the multiplier for Mitigative Risk Control has been changed to 0.5. Applying this change will yield the Mitigative Risk Controls to have half the effectiveness as the Preventative Risk Controls (technically speaking, this is not true as this multiplier is a linear function and the effectiveness is based on logarithmic value).
After the recalculation, as the multiplier for Preventative Risk Control has not changed, the control effectiveness will still be the same. For the example below, the control effectiveness of “Medium” has a 1 order of risk reduction, changing the likelihood from “Likely” to “Possible” and this is a Preventative Risk Control.
With the same control effectiveness of “Medium”, however the incoming and outgoing likelihood for the Mitigative Risk Control are still the same, as there is a multiplier of 0.5 in the calculation.
This feature moves one step closer to having a valuable heuristic for the calculation of a control’s effectiveness based on its known parameters.
More on this later. To find out more, simply visit our Contact Us page.
About Meercat RiskView
Meercat RiskView provides all the risk and assurance tools a company needs to build and grow a best-practice business from day one.
It’s fast to deploy, secure, transparently involves everyone, shares learnings, and insights, and reduces the time, expertise and cost associated with getting better at business and minimising costly losses.
Used by retailers to hydro generators, chemical manufacturers to consultants, Meercat RiskView has the technical firepower and simplicity to keep everyone on the same page, solving problems consistently and efficiently.