Risk Management Module Help Desk Support Guide

1. Help Desk Overview

The Risk Management Help Desk supports users interacting with the Risk Module inside the Orangescrum platform.

The help desk assists with:

Risk creation and lifecycle management
Workflow and status issues
Mitigation tracking
Risk linking to tasks/sprints
Approval workflow problems
Notifications and escalation issues
Dashboard/reporting support
Technical troubleshooting

The module provides a centralised risk register, automated scoring, mitigation tracking, and an approval workflow integrated into the project lifecycle.

Developer_documentation_risk_v1

2. Supported System Architecture

The module runs on the following architecture.

Frontend

VueJS 3
Vuetify UI

Backend

CakePHP 4 Risk Plugin

Database

PostgreSQL 17

API

REST JSON APIs

Architecture flow:

VueJS UI
↓
REST API
↓
CakePHP 4 Risk Plugin
↓
CakePHP ORM
↓
PostgreSQL Database

This architecture enables scalable risk tracking and dashboard reporting.

Developer_documentation_risk_v1

3. Help Desk Support Levels

Support Level	Responsibility
L1 Support	User assistance, password/reset issues, navigation
L2 Support	Workflow, risk linking, configuration
L3 Support	Developer debugging, database fixes, performance

4. Common User Issues & Resolutions

4.1 Cannot Create Risk

Possible Causes

Required fields missing
User lacks permissions
Project context missing

Mandatory Fields

Risk Title
Risk Description
Risk Category
Risk Type
Identified By
Risk Owner

These must be completed before moving beyond Draft status.

Risk_Management_Scope_of_Work_v1

Resolution

Open Risk Module
Click Create Risk
Complete mandatory fields
Save as Draft

4.2 Risk Score Not Calculating

Cause

Risk score depends on:

Risk Score = Probability × Impact

Range: 1 – 25

Risk_Management_Scope_of_Work_v1

Resolution

Ensure:

Probability selected (1–5)
Impact selected (1–5)

4.3 Cannot Close Task Due to Risk

Cause

Tasks cannot be closed when linked risks are still open.

Risk_Management_Scope_of_Work_v1

Blocking statuses include:

Identified
Under Assessment
Mitigation In Progress
Escalated
Monitoring
Materialised

Resolution

Open Linked Risk
Resolve mitigation
Move risk to:

Closed — Resolved
Closed — Accepted
Closed — Expired

4.4 Risk Not Visible in Task

Cause

Risk is not linked.

Resolution

Open task
Click Linked Risks
Add risk
Save

4.5 Cannot Change Risk Status

Cause

Invalid workflow transition.

Allowed transitions are enforced by the system.

Risk_Management_Scope_of_Work_v1

Example transitions:

From	To
Draft	Identified
Identified	Under Assessment
Under Assessment	Mitigation
Mitigation	Monitoring
Monitoring	Closed

5. Risk Lifecycle Help

The module follows a structured lifecycle.

Draft
↓
Identified
↓
Under Assessment
↓
Mitigation In Progress
↓
Monitoring
↓
Closed

Special states:

Escalated
Materialised

Each transition creates an audit entry.

Risk_Management_Scope_of_Work_v1

6. Mitigation Management Help

Each risk may contain multiple mitigation plans.

Example mitigation fields:

Title
Description
Assigned User
Due Date
Status

Mitigation statuses:

Not Started
In Progress
Completed
Overdue

These are stored in the risk_mitigations table.

Developer_documentation_risk_v1

7. Notifications & Escalations

Notifications are triggered automatically.

Event	Recipients
Risk Created	Project Manager
Risk Assigned	New Owner
Status Change	Risk Owner
Escalation	Senior Management
Mitigation Overdue	Mitigation Owner

Channels:

Email
In-app notifications

Risk_Management_Scope_of_Work_v1

8. Dashboard & Reporting Support

The Risk Dashboard includes:

Total risks by status
Risk rating distribution
Heat map
Overdue risks
Mitigation progress
Recently added risks

The 5×5 Heat Map plots probability vs impact.

Risk_Management_Scope_of_Work_v1

9. Audit Log Support

Every action is tracked.

Audit log captures:

Field change
Old value
New value
User
Timestamp

Audit logs are immutable and cannot be edited.

Risk_Management_Scope_of_Work_v1

10. Database Troubleshooting

Key tables:

Table	Purpose
risks	Main risk records
risk_mitigations	Mitigation plans
risk_entity_links	Task/sprint linking
risk_state_history	Status history
risk_audit_logs	Audit logs

These tables support risk tracking and lifecycle management.

Developer_documentation_risk_v1

11. Developer Support (CakePHP 4)

Plugin structure:

plugins/Risk/

config/
src/

Controller/
Model/
Table/
Entity/

Service/
RiskWorkflowService
RiskApprovalService
RiskScoringService
RiskAuditService

Responsibilities:

Service	Function
RiskWorkflowService	Status transitions
RiskApprovalService	Approval logic
RiskScoringService	Risk score calculation
RiskAuditService	Audit tracking

12. Performance Troubleshooting

Recommended optimisations:

Index frequently queried columns
Pagination on risk lists
Materialized views for dashboards
PostgreSQL autovacuum enabled

The system supports 50,000+ risks across projects.

Developer_documentation_risk_v1

13. Scheduled Jobs (Cron)

The system runs background jobs for:

Overdue mitigation detection
Review reminders
Escalation alerts
Risk rating updates

14. Security & Access Control

Roles supported:

Role	Permissions
Team Member	Create risks
Risk Owner	Manage mitigation
Approver	Approve risks
Project Manager	Escalate risks
Admin	Full control

15. Help Desk Contact Process

Issue Reporting Format

Users should provide:

Project Name
Risk ID
Screenshot
Error Message
Steps to reproduce

Example:

Project: Insight 2.0
Risk ID: RISK-014
Issue: Unable to move risk to Monitoring
Error: Transition not allowed

16. Escalation Matrix

Level	Contact
L1	Application Support
L2	Product Support Team
L3	Development Team
L4	Architecture / DevOps

17. Knowledge Base Topics

Help desk articles should include:

Creating a risk
Linking risk to tasks
Risk workflow explanation
Mitigation tracking
Risk dashboard usage
Handling escalation
Closing risks

✅ Result

This help desk document supports:

End users
Project managers
Administrators
Developers

For the CakePHP 4 Risk Management Module described in your documents.