Risk
Explains how risk levels are assigned to entities based on total risk scores, and how risk models use factors to calculate those scores.
Entities undergoing assessments are assigned a risk level based on their total risk score, which is calculated using the risk model defined for the assessment. Risk levels reflect the overall risk the entity under assessment poses to your company.
The default levels are Low, Medium, and High, with two optional levels: Very high and Severe. Each risk level corresponds to a specific range of scores. For example, a score between 0 and 50 may fall within the Low risk range. Once the total risk score is calculated, the entity is assigned the risk level that matches the range it falls into.
About risk models
A risk model is a set of rules used to evaluate an entity's risk score during an assessment.
Risk models are specific to the entity type, meaning that a risk model is always applied to either individual entities or company entities.
Each risk model is made up of specified risk factors, attributes that contribute to the overall risk score. Examples of risk factors include age, nationality, and PEP status. Learn more about risk factors.
When configuring a risk model, you decide whether each factor is required, meaning it must be included in the risk score calculation, or optional, meaning it's only used in the calculation if the relevant information is available.
Each risk factor is assigned a numerical score that reflects its significance. A higher score indicates a higher perceived risk. When an entity is assessed, all required factors and any available optional factors are used to calculate a total risk score. The risk level is determined based on which score range the total falls into.