Configuring Jama for Risk Management - Multiple Controls
Hello,
We're getting started on our Jama journey and are struggling with the guidance we see, for example, in the Jama Connect Medical Risk Management guidance, about configuring the Risk Analysis records.
Every example I see has a single Risk Item and a single Mitigation. Does nobody assign multiple mitigations to a single Risk Item? (We see this more often in Cybersecurity Risk Management) If so, how are you representing your Risk Control Measures in a way that allows traceability to Risk Requirements and Verification Test for a single control measure?
We've considered documenting Risk Control Measures in a separate record, and relating them via links to the Risks they Mitigate, but this makes it more difficult to present a single table view of Risks and their Mitigations. (If only we could create a view that merges the tables)
How are you handling multiple RCMs on a single Risk Item, and the associated traceability?
Thanks for your consideration.
-------------------------------dan'l
Dan Rittersdorf
DornerWorks, Grand Rapids, MI
------------------------------
Comments
-
Hello Dan, did the Jama team help you resolve this? I am experiencing a similar problem.
------------------------------
Anuja Harpale
------------------------------
-------------------------------------------
Original Message:
Sent: 11-14-2023 07:40
From: Dan Rittersdorf
Subject: Configuring Jama for Risk Management - Multiple ControlsHello,
We're getting started on our Jama journey and are struggling with the guidance we see, for example, in the Jama Connect Medical Risk Management guidance, about configuring the Risk Analysis records.
Every example I see has a single Risk Item and a single Mitigation. Does nobody assign multiple mitigations to a single Risk Item? (We see this more often in Cybersecurity Risk Management) If so, how are you representing your Risk Control Measures in a way that allows traceability to Risk Requirements and Verification Test for a single control measure?
We've considered documenting Risk Control Measures in a separate record, and relating them via links to the Risks they Mitigate, but this makes it more difficult to present a single table view of Risks and their Mitigations. (If only we could create a view that merges the tables)
How are you handling multiple RCMs on a single Risk Item, and the associated traceability?Thanks for your consideration.
------------------------------
-dan'l
Dan Rittersdorf
DornerWorks, Grand Rapids, MI
------------------------------
0 -
We talked about several ways to do this, and embarked on a "relational database" model style of organization, but quickly back-pedaled due to the complexity of generating reports and providing traces.
------------------------------
We settled for replicating the risk items per RCM. This wastes space and provides opportunity for maintenance to diverge the replicated data, but reporting and more importantly tracing are maintained.
Dan Rittersdorf
DornerWorks
MI
------------------------------
-------------------------------------------
Original Message:
Sent: 01-05-2024 09:58
From: Anuja Harpale
Subject: Configuring Jama for Risk Management - Multiple ControlsHello Dan, did the Jama team help you resolve this? I am experiencing a similar problem.
------------------------------
Anuja Harpale
------------------------------
Original Message:
Sent: 11-14-2023 07:40
From: Dan Rittersdorf
Subject: Configuring Jama for Risk Management - Multiple ControlsHello,
We're getting started on our Jama journey and are struggling with the guidance we see, for example, in the Jama Connect Medical Risk Management guidance, about configuring the Risk Analysis records.
Every example I see has a single Risk Item and a single Mitigation. Does nobody assign multiple mitigations to a single Risk Item? (We see this more often in Cybersecurity Risk Management) If so, how are you representing your Risk Control Measures in a way that allows traceability to Risk Requirements and Verification Test for a single control measure?
We've considered documenting Risk Control Measures in a separate record, and relating them via links to the Risks they Mitigate, but this makes it more difficult to present a single table view of Risks and their Mitigations. (If only we could create a view that merges the tables)
How are you handling multiple RCMs on a single Risk Item, and the associated traceability?Thanks for your consideration.
------------------------------
-dan'l
Dan Rittersdorf
DornerWorks, Grand Rapids, MI
------------------------------
0 -
Peter Lampacher Member, Jama Connect Interchange™ (JCI), Jama Validation Kit (JVK) + Functional Safety Kit (FSK) Posts: 14
Hi!
We decided for a separate risk mitigation item. Within Jama, traceability can be displayed in Trace View. For reporting, we developed a custom Velocity report.
Kind regards,
------------------------------
Peter Lampacher
MED-EL
Innsbruck
------------------------------
-------------------------------------------
Original Message:
Sent: 11-14-2023 07:40
From: Dan Rittersdorf
Subject: Configuring Jama for Risk Management - Multiple ControlsHello,
We're getting started on our Jama journey and are struggling with the guidance we see, for example, in the Jama Connect Medical Risk Management guidance, about configuring the Risk Analysis records.
Every example I see has a single Risk Item and a single Mitigation. Does nobody assign multiple mitigations to a single Risk Item? (We see this more often in Cybersecurity Risk Management) If so, how are you representing your Risk Control Measures in a way that allows traceability to Risk Requirements and Verification Test for a single control measure?
We've considered documenting Risk Control Measures in a separate record, and relating them via links to the Risks they Mitigate, but this makes it more difficult to present a single table view of Risks and their Mitigations. (If only we could create a view that merges the tables)
How are you handling multiple RCMs on a single Risk Item, and the associated traceability?Thanks for your consideration.
------------------------------
-dan'l
Dan Rittersdorf
DornerWorks, Grand Rapids, MI
------------------------------
0