.png?height=120&name=logo-dld-blanc-transparent-baseless(1).png){kind=logo}
This article explains the rights of drafters and validators, from drafting a risk, to its validation and its mitigation.
Table of contents
Actors
When you create a risk you must choose:
- one or more drafters: they can edit the risk, request a review, and create risk mitigation steps (RMS).
-
one or more validators: they can validate the risk and request a review.
To find out more about risk creation and how to select drafters and validators, see Creating a risk.
Workflow
Statuses
Each risk goes through a number of statuses:
-
Being drafting
-
Being validated
-
To be reviewed
-
Validated
You can view the current status of a risk:
-
on the risk form
-
in the list of risks.
The "Edit risk" and "Manage risk" pages
There are two types of risk pages:
-
Edit risk page: this page allows you to draft and validate a risk. This is where the heart of the workflow takes place.
-
Manage risk page: on this page you can mitigate a risk and obtain the net risk.
Rights on the "Edit risk" page
This section describes the actions that each type of actor can perform on the "Edit risk" page, in each status.
Being drafted
When a risk is created, its status is Being drafted.
In this status, only drafters have rights. They can create and edit the risk. Once they have finished editing the risk they click the Submit for validation button: the status switches to Being validated.
Being validated
In this status, several actions are possible depending on whether you are a validator or a drafter:
- if a validator considers that the risk is described accurately and fully, they click the Validate button. The status switches to Validated.
-
if a validator considers that the risk requires changes or additional information, they click the To review button. The status switches to To be reviewed.
-
if a drafter wishes to modify the risk, they click the Review button. The status switches to To be reviewed.
To be reviewed
A drafter can edit the risk.
When they have finished editing it, they click the Submit for validation button. The status switches to Being validated.
Validated
When the status of the risk is Validated it can no longer be edited. However, if a factor impacting the risk changes, the risk must be updated. This update, or review, can only be requested by a validator, by clicking the Review button. The status switches to To be reviewed.
Summary table
The following table summarizes the rights described above. The right-hand column lists the buttons available for each type of actor, as well as the new status once the button is clicked.
|
Statuses |
Actors |
Can they edit? |
Buttons → Status change when clicked |
|
Being drafted / To be reviewed |
Drafter |
Yes |
Submit for validation → Being validated |
|
Validator |
No |
N/A |
|
|
Being validated |
Drafter |
No |
Review → To be reviewed |
|
Validator |
No |
Validate → Validated To review → To be reviewed |
|
|
Validated |
Drafter |
No |
N/A |
|
Validator |
No |
Review → To be reviewed |
If a person is both a drafter and a validator, they have the following rights:
- Drafter rights in the Being drafted and To be reviewed statuses;
-
Validator rights in the Being validated and Validated statuses.
Rights on the "Manage risk" page
On the manage risk page, only drafters can create and select risk mitigation steps.
Coming soon: each time a risk changes status, the concerned actors will receive an email and a notification in the DLD Anti-corruption solution. The actor who triggered the status change will not receive a notification.