Risk evaluation approvals provide a structured format for formal sign-off before risk assessment changes take effect. When you configure a risk assessment, you can set up approval requirements to provide a sign-off mechanism. Risk assessors complete their evaluations and submit each one for approval. Assigned approvers review the proposed changes and approve them or request modifications. When an evaluation is approved, the changes made in that evaluation are saved to the risk record and the evaluation details are locked.
Note:
Evaluation approval workflows apply only to risk evaluations.
If you edit the configuration of an approval workflow in an assessment, the changes apply only to new evaluations created after the change.
Evaluation approvals workflow
The evaluation approval workflow moves a risk evaluation through a structured sequence of stages, from configuration through final approval and automatic risk updates.
Configure the approval workflow on the assessment - Create a new assessment with an approval workflow, defining the flow type (sequential or parallel), steps, approvers, and completion rules. This configuration is copied to all risk evaluations created under that assessment. See Creating a risk assessment and Adding an approval workflow to an existing risk assessment.
Configure the approval workflow on a risk evaluation - If you have an assessment where the approval workflow hasn’t been configured, but you want a specific evaluation to go through the process, you can configure an approval on a single evaluation. See Configuring an approval on a risk evaluation.
Work on the evaluation - Update the risk fields being evaluated as needed (likelihood, impact, and any other configured fields). Editing risk fields automatically transitions the evaluation status from Not started to In progress. See Evaluating risks.
Submit the evaluation - When changes to the evaluation are complete, submit it for approval. Hyperproof creates the approval requests based on the evaluation’s approval configuration and sends a notification to each approver. Each approver receives an individual approval to act on. See Submitting an evaluation for approval.
Cancel the approval - If you submit the evaluation for approval too soon, you can cancel the approval as long as no approver has started the approval process. Canceling the approvals returns the evaluation to the In progress status and enables the Submit button. When you are ready, click Submit to trigger the approval process. See Canceling risk evaluation approvals.
Approvers complete their approvals - Approvers receive an email notification for each approval and must log in to Hyperproof to work on them. Each assigned approver can access their approvals under Work Items > Approvals.
Each approver either approves or requests changes to the evaluation. See Completing a risk evaluation approval.
If all required approvers approve: Hyperproof applies the evaluated risk field values to the Risk record. The evaluation status changes to Approved, a permanent status that cannot be reversed.
If any approver requests changes: The evaluation returns to In progress for revision, and all outstanding approvals are cancelled.
Manually trigger risk updates from the evaluation - If the Automatically update risk option is not turned on for the approval, either the evaluation assignee or a manager on the evaluation must open it and click Update risk to permanently modify the risk fields with the information from the evaluation. See Updating a risk with approved evaluation data.
Revise and resubmit - If the evaluation approval is marked Change Requested, the evaluation assignee updates the evaluated risk fields based on the approver's feedback and resubmits. Hyperproof creates a new set of approvals based on the configuration in the assessment.