Key Takeaways
- Risk Companion was built by experienced risk managers who found that most tools were designed for auditors rather than for the people doing the actual risk work day to day. The platform is the product of what was missing.
- Every risk in Risk Companion requires a named owner and at least one measure, because a risk without accountability is documentation rather than management. That single requirement is what makes the difference between a register people maintain and one they ignore.
- Risk Companion gives every team member a way to contribute, through AI-assisted risk identification, collaborative risk sessions, and a full AI assistant that works inside your register, so the risk process reflects what the whole organisation knows rather than what one person had time to document.
- Configurable risk frameworks mean Risk Companion works within your organisation's existing methodology rather than forcing a fixed scoring model, whether you are managing capital projects, IT security, or operational risk across multiple sites.
- Built-in Monte Carlo simulation turns your risk register into a quantitative analysis tool, giving project directors and CFOs a probabilistic contingency figure they can present to a board rather than a risk score that raises more questions than it answers.
Risk Companion was built by people who have managed risk in practice, not in theory. The features in this platform come from experience: what risk managers actually need on a day-to-day basis, not what looks good in a procurement presentation.
The belief behind the product is straightforward. Risk management works when everyone in the organisation has a stake in it. Not just the risk manager. Not just the compliance team. The project member who spots a supplier slipping on small deadlines. The team lead who sees a process generating more errors than expected. The CFO who needs a number they can defend to the board.
Risk Companion is built to make everyone a risk owner, giving each person the access, the accountability, and the tools to contribute to the risk process as part of how they already work.
This article takes you through the core features of the platform. If you are already a user and want to go deeper, the introduction to Risk Companion is the right place to start.
The risk register: every risk needs a place and an owner
The risk register is the spine of the platform. Every other feature connects back to it.
Every risk requires a named owner: one person whose name appears in the register and who is accountable for ensuring measures are in place and working. That single requirement changes how risk management feels inside an organisation, because risks get acted on when someone is accountable rather than when someone remembers to check.
Risk descriptions matter too. "Data breach" is not a risk worth acting on. "Unauthorised access to customer data because of weak password policies in the finance department" is a risk you can assign, measure, and close. The risks documentation covers how to write descriptions that are specific enough to be useful.
AI suggestions and the integrated assistant: from blank page to working register
Starting a risk register from zero is one of the biggest barriers teams face, and Risk Companion's AI suggestions are built to remove it.
Give the platform your project title and description and it generates a set of risk statements, candidate causes, candidate effects, and a draft set of preventive and mitigating measures. Each suggestion is a starting point your team accepts, edits, or discards. The blank page problem disappears in minutes.
The AI assistant goes further. It has full access to your register and can edit risks directly, answer questions about your current exposure, identify gaps in your bow-tie, and suggest measures for specific causes. Ask it to summarise the risk picture across a project or clarify why a particular risk is scored the way it is, and it answers in context. This is not a chatbot sitting alongside the product but an assistant that understands your register and works inside it.
For teams managing complex or fast-moving risk landscapes, that changes what is possible in a working day.
Risk sessions: get everyone involved
AI suggestions are one way to populate your register. Risk sessions are another, and they bring the people closest to the work directly into the process.
Risk sessions let you run structured workshops with your team asynchronously. Participants join via QR code with no account required, contribute risks they are seeing in their area, and the input flows directly into the register. No scheduling overhead, no translating messy notes afterward.
For distributed teams across multiple sites or projects, a session that used to take half a day of preparation can happen in 30 minutes. A risk register built with input from the people who actually know what could go wrong reflects reality in a way that a register maintained by one person never can.
Assessments: a score that starts a conversation
Every organisation assesses risk differently, and Risk Companion is built to work within your framework rather than impose one. Each project has its own configurable risk framework: you set the number of probability and impact levels, define the category names that match your organisation's language (Minor, Moderate, Extreme, or whatever fits), and configure how scores map onto the risk matrix. Dynamic reference values can be tied to project metrics such as total budget, DevEx, or CapEx, so thresholds recalibrate automatically as project parameters change.
A risk scoring high with three working preventive measures often warrants less attention than a lower-scoring risk with nothing attached. The score is the start of a conversation rather than the end of one, and Risk Companion is built around that distinction.
Every risk requires two assessments: the current state as it stands today, and the target state once measures are in place. The gap between the two is your workload. As measures complete, the current score moves toward the target, and that movement is what you show an auditor to demonstrate that risk management is actually happening rather than just documented. The current vs target documentation covers how this works in practice.
For risks with financial or schedule exposure, EMV and ETV calculate Expected Monetary Value and Expected Time Value. Probability times consequence, tracked over time as a trend, so you can show the board that exposure is moving in the right direction rather than presenting a static score that tells them nothing about trajectory.
Measures: where risk management stops being paperwork
Every measure in Risk Companion requires an owner and a due date. Both fields, every time. A measure without accountability is closer to a note than a plan, and the platform will not let you treat it otherwise.
Overdue measures surface automatically on the dashboard, so the risk manager spends their time on judgment rather than chasing status updates by email. The measure register gives a single view of every measure across every project, filtered by owner, status, or due date.
The distinction between preventive and mitigating measures matters practically. Preventive measures reduce the probability of a risk occurring. Mitigating measures limit the impact if it does. Risk Companion tracks both separately, so your team understands which side of the risk they are acting on rather than logging actions without context.
Bow-tie diagrams: the full picture in one view
A bow-tie places the risk event in the centre. Causes sit on the left, each connected to one or more preventive measures. Effects sit on the right, each connected to one or more mitigating measures. Every measure is tied to the specific cause or effect it acts on, so gaps are visible immediately rather than buried in a spreadsheet column.
For safety risks, IT security scenarios, and any risk where the chain of events matters as much as the score, bow-ties are the tool that makes the analysis credible to an engineer, a director, or an auditor. The bow-tie documentation covers how to build them out, attach measures, and present the diagram in a board or audit context.
Monte Carlo simulation: quantitative risk analysis your board can act on
Single-risk scores tell you about one risk at a time. Boards ask about the project.
Monte Carlo simulation is the most widely used method in quantitative risk analysis, and it is built directly into Risk Companion. It runs thousands of scenarios across your register and outputs an S-curve showing the full distribution of outcomes. The P50, P80, and P90 lines give you contingency figures grounded in your actual register rather than numbers someone estimated in a spreadsheet on a Friday afternoon. The output is available directly from the dashboard.
You can say "we are 90% confident our contingency requirement falls between X and Y" and show the analysis behind it. For infrastructure operators, project directors, and CFOs sizing contingency budgets on capital programmes, that shifts the board conversation from "does this feel right?" to "here is what the model shows."
Compliance and health checks: audit-ready without the scramble
Health checks run continuously in the background, flagging incomplete risk records, missing owners, and overdue measures before an auditor does. The gap analysis shows how far each risk has moved from its initial assessment toward the target state, which is the evidence an auditor wants to see: not just that measures exist, but that they are working.
For teams working toward ISO 27001 or NEN 7510, the register, measures, and dashboards together produce the evidence trail those standards require, in the format an audit expects to see it. The compliance features page covers what is supported and how.
Try it on your own risks
Risk Companion offers a 14-day free trial with full access to every feature, including the AI assistant, Monte Carlo simulation, and bow-tie diagrams. No feature limits, no credit card required to start.
When you sign up, a fully configured demo project tailored to your company is waiting for you, so you can see every feature in action immediately. Within five minutes you will have a real sense of how the platform works. When you are ready, create your own project and get your first risks into the register the same day, with the integrated AI assistant to help you get started.
Start your free trial and see what your risk register looks like when it actually reflects reality.
Ready to improve your risk management?
See how Risk Companion can help you implement these best practices with powerful, easy-to-use tools. Sign up and we'll prepare a demo project tailored to your company.