Risk Heatmap
The risk heatmap provides a visual representation of your risk landscape.
What is a Risk Heatmap?
A heatmap displays risks on a grid based on:
- X-axis: Likelihood (probability)
- Y-axis: Impact (severity)
Risks cluster in cells showing their relative priority.
Impact
Low Med High
┌────┬────┬────┐
Hi │ 🟡 │ 🟠 │ 🔴 │
├────┼────┼────┤ Likelihood
Me │ 🟢 │ 🟡 │ 🟠 │
├────┼────┼────┤
Lo │ 🟢 │ 🟢 │ 🟡 │
└────┴────┴────┘
Viewing the Heatmap
- Navigate to Risks
- Click Overview or Heatmap view
- See risks plotted by likelihood and impact
Reading the Heatmap
Colors
| Color | Meaning |
|---|---|
| 🔴 Red | Critical - Immediate attention |
| 🟠 Orange | High - Priority treatment |
| 🟡 Yellow | Medium - Monitor closely |
| 🟢 Green | Low - Acceptable risk |
Risk Count
Each cell shows the number of risks in that category.
Drill Down
Click on a cell to see the specific risks in that category.
Heatmap Types
Inherent Risk Heatmap
Shows risks before controls are applied.
- Baseline risk picture
- Identifies highest raw risks
Residual Risk Heatmap
Shows risks after controls are applied.
- Current risk exposure
- Measures control effectiveness
Comparison View
Side-by-side inherent vs residual:
- See risk reduction
- Identify treatment gaps
Filtering the Heatmap
Filter risks displayed on the heatmap:
- Category — Show specific risk categories
- Owner — Show risks by owner
- Status — Show by treatment status
- Tags — Filter by tags
Using the Heatmap
Prioritization
Focus on risks in the red zone first.
Reporting
Export heatmap for management reports.
Trend Analysis
Compare heatmaps over time to see improvement.
Gap Analysis
Identify areas with concentrated risks.
Best Practices
- Review regularly — Check heatmap in risk meetings
- Compare views — Look at both inherent and residual
- Drill down — Investigate clusters of high risks
- Track movement — Watch for risks moving between zones
- Share with stakeholders — Visual communication is powerful
Next Steps
- Formulas — Configure risk scoring
- Risk Treatment — Address high-priority risks