Auroranexis documentation
The Risks module documents operational threats before they become client-impacting incidents. Register risks with severity and status, assign internal owners, link records to clients, and track mitigation through resolution or dismissal. Open risks contribute to client health signals, SLA evaluation, and operational dashboards used in reviews and governance discussions.
Each risk record captures title, description, severity, status, client linkage, owner, and due dates where applicable. The Risks list supports filtering by status and severity so operators can prioritize portfolio-wide reviews. Client detail pages show open risks alongside health and SLA context for account-level conversations.
Risks can be created manually by staff or originate from platform signals such as health engine evaluation, SLA breaches, reports, or activity events. Regardless of source, owners are responsible for status progression and documented rationale when closing records.
Severity drives SLA timer evaluation when the linked client has an assigned policy. High and critical risks should appear in weekly operations meetings alongside open incidents. Risk score summaries on client detail pages aggregate open items for quick triage.
Unlike incidents, risks represent potential or emerging threats rather than active client impact. Maintaining accurate distinction between the two keeps SLA metrics, health scores, and client communications aligned with what actually happened versus what might happen.
Operational risk tracking gives agencies a defensible record of known issues, mitigation plans, and accepted exposures. It supports internal governance, selective client transparency through published reports, and post-incident analysis when risks were identified but not yet resolved.
Linking risks to clients ensures portfolio views and reports reflect the correct account context. SLA policies apply response targets to open risks based on severity, aligning platform metrics with contractual commitments your team can demonstrate in QBRs.
Risk history also helps agencies avoid repeating mistakes. When a similar issue resurfaces, searchable records show what was tried, who owned mitigation, and why prior records were resolved or dismissed.
Risk severity definitions
| Severity | Description |
|---|---|
| Low | Minor operational concern with limited client impact; track for awareness. |
| Medium | Meaningful issue requiring planned mitigation within normal cadence. |
| High | Significant exposure; prioritize in operations reviews and owner follow-up. |
| Critical | Immediate attention; may pair with Settings → Escalation rules and leadership review. |
Risk status values
| Status | Description |
|---|---|
| Open | Identified; mitigation not yet started or confirmed by owner. |
Risk registers fail when teams treat them as write-once archives. Successful agencies assign owners, set review cadence, and close loops in the same meeting where incidents are discussed.
A marketing agency registers Medium risks when creative capacity conflicts with launch dates, assigns delivery directors as owners, and cites open items in monthly reports. Resolved risks document what staffing changes prevented recurrence before the next campaign cycle.
An automation agency logs High risks when third-party API dependencies lack fallback paths, links risks to clients running affected workflows, and resolves after redundant integrations are deployed. SLA timers on critical risks trigger escalation to engineering leads.
An MSP tracks infrastructure risks—end-of-life hardware, missing backups—per client with due dates aligned to maintenance windows. Critical risks escalate through Settings → Escalation while Watch client status signals leadership review on the client record.
A consultancy documents scope creep and key-person dependency as Medium risks during engagements, dismisses accepted exposures with client sign-off noted in resolution text, and references mitigated risks in closeout reports published to portal users.
A large agency standardizes risk titles across regions, requires admin review before Dismiss on High or Critical items, and exports portfolio risk summaries during quarterly governance reviews. Platform-originated risks from SLA evaluation are triaged within defined response windows.
Common risks module issues
| Problem | Cause | Solution |
|---|---|---|
| Cannot edit a risk | Role is read-only for risks module | Contact an admin to verify risks write permissions on your role. |
| Risk missing from client detail page | Incorrect or missing client linkage | Confirm the correct client is linked on the risk record. |
| SLA timer not shown on risk | No SLA policy on client | Assign a policy on the client detail page or in Settings → SLA. |
| Duplicate risks for same issue | Manual creation without search | Merge narrative in one record; dismiss duplicates with documented rationale. |
| Unexpected platform-created risk | Health engine or SLA evaluation trigger |
Contact support@auroranexis.com for onboarding support, billing questions, or product guidance. Include your workspace name, the module you are working in, and a brief description of your goal so we can respond efficiently.
| Acknowledged | Owner confirmed; active work underway toward mitigation. |
| Mitigated | Controls applied; team monitors for recurrence before closure. |
| Resolved | Closed with successful mitigation and documented outcome. |
| Dismissed | Closed without action; document rationale for audit purposes. |
Risks may be created manually or generated from platform sources including health engine rules, SLA evaluation, reports, activity feeds, and portal submissions. Source metadata helps reviewers understand why a record exists without inferring from the title alone.
Every open risk should have an internal owner accountable for status updates. Due dates optional but recommended when contracts or playbooks require time-bound mitigation.
| Review source metadata on the record; acknowledge or resolve per playbook. |
| Risk not appearing in generated report | Report generated before risk created | Regenerate the report or include the risk in manual narrative edits before publish. |
| Cannot dismiss risk | Insufficient close permissions | Ask an admin to verify your role includes permission to move status to Dismissed. |