Search help

Reference

Swise 101

Swise AI

Security Compliance

Risk Radar

Trust Link

Search help

Reference

Swise 101

Swise AI

Security Compliance

Risk Radar

Trust Link

Search help

Reference

Swise 101

Swise AI

Security Compliance

Risk Radar

Trust Link

Search help

Reference

Swise 101

Swise AI

Security Compliance

Risk Radar

Trust Link

Risk Radar

Risk Radar

Risk Radar

Risk Radar is your comprehensive risk management tool that uses a 5×5 matrix to visualise and prioritise threats by plotting each risk according to its likelihood and impact—helping you quickly identify which risks need immediate attention while tracking them from identification through to residual risk assessment.

Risk management model

Each risk managed in Swise can be classified based on the Swise risk management model. The model helps you identify and understand the dynamics of each individual risk, as well as understand your overall risk posture. Risks are assigned a business owner and status, and have the same collaborative features like comments and sharing you'll be familiar with from other Swise features.

We use a 5×5 risk matrix to visualise and prioritise potential threats by plotting each risk according to its likelihood (1-5) and impact (1-5). This colour-coded grid helps us quickly identify which risks need immediate attention

Assessing likelihood

Consequences that are more likely to occur typically require more focus and control

Level 1 - Rare

Would only occur in exceptional circumstances e.g. less than 1% chance of occurring in the next 12 months

Level 2 - Unlikely

Unlikely to occur in most circumstances, e.g. 1-30% + chance of occurring in the next 12 months

Level 3 - Possible

Could conceivably occur in some circumstances, e.g. 30-60% + chance of occurring in the next 12 months

Level 4 - Likely

Has a reasonably high chance of occurring in many circumstances, eg) 60-80% + chance of occurring in the next 12 months

Level 5 - Almost certain

Expected to occur in most circumstances, eg) 80% + chance of occurring in the next 12 months

Assessing impact

Risks that have a higher potential impact typically require more focus and control

Level 1 - Insignificant

Operational impact easily handled through normal internal control processes

Level 2 - Minor

Some disruption possible; able to be managed with management input

Level 3 - Moderate

Significant disruption possible; managed with additional management and resource

Level 4 - Major

Business operations severely damaged or disrupted; requires extraodinary management input and resources

Level 5 - Extreme

Disaster; extreme impact on staff, plant, and / or operations

Net risk versus Residual risk

Net risk is the level of risk that exists after inherent risks have been identified and some controls are in place, but before a complete risk treatment plan is implemented.

Residual risk is the remaining risk level after all planned risk treatment options and controls have been fully implemented.

Typical risk evaluation flow:

  1. Identify the inherent Risk - The raw risk before any controls

  2. Assess net risk - Risk level after existing controls but before new treatments

  3. Plan and apply risk treatment - Implement additional controls based on risk priorities

  4. Evaluate Residual Risk - Determine if remaining risk is acceptable

When moving from net risk to residual risk, consider:

  1. Risk Tolerance: The amount of risk leadership is willing to accept for specific assets

  2. Asset Value: Higher-value assets may require more controls to reduce residual risk

  3. Control Effectiveness: How well the implemented controls actually mitigate the identified risks

  4. Cost-Effectiveness: Ensuring mitigation techniques are practicable and achievable for the business

© Copyright 2025 Swise Limited • All rights reserved.

© Copyright 2025 Swise Limited • All rights reserved.

© Copyright 2025 Swise Limited • All rights reserved.