Risk management heat maps - they are risky
We can then show the number of rated risks in each segment of the heat map. These numbers do not include unrated risks, unidentified risks, or risks with unknown likelihood or consequences.
Wait! What about a heat map? Doesn’t everyone use a heat map to show risks?
Heat map example
Have no fear. We can represent our qualitative risk model as a heat map too. There are some limitations to a heat map that we will discuss later.
But heat maps are useful for certain situations.
Blank heat map
A heat map typically looks like a grid, although there are different representations.
++Good place for link to external resources++
The number of boxes should correspond to our qualitative model.
Grid labels
We have columns and rows for each increment of our scale. Yes, we have intentionally omitted zero, even though it's in our scale. A heat map can grow to accommodate larger scales.
Grid colored
Now we will fill in the grid to make it visually arresting. Most risk heat maps come with a variation of this color scheme.
It is important not to color specific boxes without first setting your risk tolerance policy. Green boxes, for example, here communicate that those risks are acceptable, meaning we do not have to take any action to manage them. We will discuss risk tolerance or risk criteria later.
Grid numbers
We can then show the number of rated risks in each segment of the heat map.
These numbers do not include unrated risks, unidentified risks, or risks with unknown likelihood or consequences.