1. Licence & Ownership. RiskOS is proprietary software owned by Areussi Software Solutions Pte. Ltd. You are granted a limited, non-exclusive, non-transferable licence for internal use only. All rights reserved.
2. Permitted Use. You must not copy, modify, distribute or reverse-engineer the Software.
3. Data & Confidentiality. Data is stored locally in your browser or on your organisation's server. AI features use the Anthropic API.
4. Professional Disclaimer. Outputs do not constitute legal, engineering or regulatory advice.
5. Limitation of Liability. Areussi Software Solutions Pte. Ltd. shall not be liable for indirect or consequential damages.
6. Governing Law. Governed by the laws of the Republic of Singapore.
Please tick the checkbox to confirm you agree to the Terms of Use.
Structured scoring — inherent → control → residual
Assessment Cycle
Q2 2026
KRI Monitor
Key Risk Indicators — real-time threshold tracking with automated alerts
Control Management
Link controls to risks — test effectiveness — track maturity
ID
Control Name
Type
Linked Risk
Owner
Eff.
Last Tested
Status
Test Status
Actions
Action Plans
Risk treatment actions — owners, due dates, subtasks, Gantt timeline
Action Timeline — Gantt View
Open/In ProgressOverdueClosed
ID
Action
Linked Risk
Owner
Treatment
Due Date
Progress
Status
Incident Log
Log incidents and near-misses — link to risk register — trigger updates
Bow-Tie Analysis
Build, edit and save bow-tie diagrams for any risk — causes, controls and consequences
Saved
Root Causes
Preventive Controls
Consequences
Mitigating Controls
Scenario Analysis
Stress-test FPSO risk scenarios · Quantitative Risk Assessment · Monte Carlo simulation · ALE
Scenario Builder
FPSO Scenario Library
Pre-built FPSO hazard scenarios — click to load into builder
Scenario Output
Saved Scenarios
Select 2 scenarios to compare
Side-by-Side Comparison
Quantitative Risk Assessment — Monte Carlo & ALE
Model financial exposure using probability distributions. Run Monte Carlo simulation across the portfolio to estimate Annualised Loss Expectancy (ALE) and loss percentiles.
Estimated likelihood of event occurring in any given year
Configure inputs and run simulation to see results
Portfolio ALE Summary
Click "Run Portfolio ALE" to compute aggregated annual loss expectancy across all open risks.
Compliance Mapping
Map controls to FPSO industry frameworks — ISM Code · ISO 31000 · MARPOL · SOLAS · ISO 55001
Board-level risk overview with top risks and KRI status
Full Risk Register
Complete register with scores, owners and treatment status
KRI Dashboard Report
Owner Report
Per-owner PDF: risks, actions, KRIs and overdue items
Board Pack PDF
One-click: portfolio + top 5 risks + KRI dashboard + AI narrative
Sentinel Narrative
Board-ready written narrative generated by AI
REQUIRES API KEY
All KRI values, thresholds and trend analysis
Audit & Certification Pack
ISM Code · Class survey · MARPOL · SOLAS — structured evidence collection and findings management
RCSA & Three Lines of Defence
Control Self-Assessment exercises structured across the Three Lines of Defence framework
Risk Maturity Model
Self-assessment of ERM maturity across 7 dimensions — Level 1 (Initial) to Level 5 (Optimising)
Risk Radar
Portfolio risk profile — residual risk intensity by category
Risk Radar — Residual Score by Category
Velocity — Portfolio Trajectory
Risk Interdependencies
Risk links are managed via individual risk records (click a risk → Interdependencies panel). Current links in portfolio:
Custom Report Builder
Build bespoke reports — choose sections, filters, grouping, columns and save templates
Help & Glossary
Modules reference, risk terminology, workflow guide and framework mappings
Risk Register
▼
Central repository of all identified risks. Score = Likelihood × Impact (1–25 scale). Filter by status, category or owner. Column headers are clickable to sort. Use Sentinel Score Review to flag inconsistencies across the portfolio.
Heat Map
▼
5×5 Likelihood/Impact matrix. Toggle Inherent/Residual. Cells show owner initials. Appetite boundary lines show Medium and High thresholds. Click any cell to see the risks within it.
KRI Monitor
▼
Key Risk Indicators track leading indicators linked to risks. Set amber and red thresholds. Update values to trend over time. KRI Breaches trigger dashboard alerts and board pack flagging.
Bow-Tie Analysis
▼
Visual barrier analysis: Root Causes → Preventive Controls → Risk Event → Mitigating Controls → Consequences. Use AI Generate to draft automatically from the risk description. Save completed bow-ties to the Template Library for reuse.
Risk Workshop
▼
Structured facilitated session for risk identification. Select category and phase, start a session, then work through 158 FPSO-specific guideword prompts. Mark prompts as Discussed. Commit identified risks to the register. Export a PDF report as session minutes.
Action Plans
▼
Treatment actions linked to risks. Track progress (%), status and due dates. Click Notes on any action to add timestamped progress updates. Calendar view shows all actions by due date. Overdue actions trigger dashboard alerts.
Reports & Board Pack
▼
Generate Executive Summary, Full Register, KRI Report, Owner Reports, AI Narrative, and Board Pack PDF. The Board Pack assembles portfolio stats, top 5 risks, KRI dashboard, overdue actions and AI narrative into one printable document.
Sentinel AI Intelligence
▼
Requires Anthropic API key (Settings → AI Intelligence). Sentinel features: Bow-Tie Generator, Score Reviewer, Risk Extractor, Narrative Report, Natural Language Search, KRI Threshold Suggestions. RiskOS works fully without a key.
Settings
Risk appetite, scoring thresholds, organisation configuration and data storage
Risk Scoring Methodology
Risk Appetite Thresholds
Scores at or below each threshold are assigned that rating. Maximum inherent score is 25 (5×5).
Scores above High threshold are rated Critical. Current: Low ≤4, Medium ≤9, High ≤16, Critical >16
Matrix Configuration
Changing size auto-scales thresholds. Existing risk scores are preserved.
Leave blank to use defaults for selected matrix size
Custom Risk Fields
Define additional fields that appear on every risk record — asset name, work order number, regulatory citation, contractor, region, or any field specific to your operation.
Automatic Escalation
Risks with status Overdue are automatically promoted to Escalated after the configured number of days. Escalated risks surface prominently on the Dashboard and are flagged in board reports.
Currently 0 risk(s) at Escalated status on the register.
Organisation
Scheduled Report Delivery
Automatically deliver risk digests, KRI reports and action alerts on a schedule — via email (mailto), webhook (Zapier/Power Automate) or Teams. Schedules run when the tool is open in a browser at the configured time.
Click Refresh to load schedules.
User Management
Manage team members when using Supabase cloud auth. In standalone mode, users are selected at login. Requires Admin or CRO role.
Standalone mode — users select their name on the login screen. To enable real user accounts with individual passwords, configure Supabase and use the "Supabase Account" login mode.
Supabase Auth mode — users self-register with your Org ID. You can manage their roles here once they've signed in once.
Run this SQL in Supabase to create the users table:
${RISKOS_USERS_SQL||'-- RISKOS_USERS_SQL not yet loaded'}
Data Storage
Configure where RiskOS stores data. Currently using browser localStorage — connect a server API to enable multi-user access and cross-device sync.
Settings → API → Project URL in your Supabase dashboard
Settings → API → anon public key. Stored in browser only.
Namespaces your data — all records scoped to this ID
Required Supabase tables (run once in SQL editor):-- Table 1: Risk data store
CREATE TABLE IF NOT EXISTS riskos_data (
org_id TEXT PRIMARY KEY,
payload JSONB NOT NULL,
updated_at TIMESTAMPTZ DEFAULT now()
);
ALTER TABLE riskos_data ENABLE ROW LEVEL SECURITY;
CREATE POLICY "anon_rw" ON riskos_data FOR ALL USING (true) WITH CHECK (true);
-- Table 2: User profiles (for cloud auth)
CREATE TABLE IF NOT EXISTS riskos_users (
id UUID PRIMARY KEY,
email TEXT NOT NULL,
name TEXT,
role TEXT DEFAULT 'Risk Owner',
initials TEXT,
org_id TEXT,
created_at TIMESTAMPTZ DEFAULT now()
);
ALTER TABLE riskos_users ENABLE ROW LEVEL SECURITY;
CREATE POLICY "users_rw" ON riskos_users FOR ALL USING (true) WITH CHECK (true);
SharePoint / Microsoft 365
Push reports · Pull documents for Sentinel · Teams escalation alerts
Not connected
Teams → channel → Connectors → Incoming Webhook. Fires on Escalated risks and KRI breaches.
Setup:
1. Register an Azure AD app with Sites.ReadWrite.All permission and grant admin consent
2. Note the Client ID and Tenant ID above
3. For Teams alerts, create an Incoming Webhook connector in your target channel
4. Click Connect — RiskOS will open Microsoft login for PKCE auth
Custom REST API
Expected endpoints: GET/POST /sync — full DB payload exchange GET /health — connection test
Browser localStorage — what this means
Data is saved in your browser on this device only. It survives page refresh and tab close, but is separate from other browsers, devices, and users. Clear browser data and it resets. Use Export/Import below to move data between devices or share with others.
Backup & Restore
Export creates a full snapshot of all risks, KRIs, controls, actions, incidents, audit log and bow-tie data. Import replaces all current data — back up first.
Outbound API & Webhook
RiskOS exposes a live data API via window.riskosAPI.get('/endpoint') for embedded dashboards. Configure a webhook URL to receive event notifications (risk approved, escalated, KRI breach).
Available API endpoints (same-origin, BroadcastChannel): /risks /risks/open /risks/critical /kris /actions /actions/overdue /controls /incidents /findings /summary /portfolio
Danger Zone
Wipes localStorage and reloads the seed data. This cannot be undone.
Access Code
Change the shared access code used on the RiskOS sign-in screen. Default: fpso2026
AI Intelligence
ACTIVE
Connect an Anthropic API key to enable 6 AI features: bow-tie generation, score review, risk extraction, narrative reports, NL search and KRI thresholds. The tool works fully without a key.
Sentinel offline — no API key
AI features disabled — add a key below to activate
Stored in browser localStorage only. Sent only to the Anthropic API. Get a key at console.anthropic.com
Features enabled with an active key
Where to find AI features once active: Register — Sentinel Score Review & Search | Bow-Tie — Sentinel Generate & Review | Workshop — Sentinel Extract | Reports — Sentinel Narrative & Board Pack | KRI — Sentinel Thresholds
Bow-Tie Generator & Reviewer
AI drafts and critiques bow-tie diagrams
Score Reviewer
Flags inconsistent scores vs incidents
Risk Extractor
Paste any doc — AI identifies risks
Narrative Report
AI-written board-ready summary
Natural Language Search
Ask plain-English questions
KRI Threshold Suggestions
AI recommends amber/red levels
Owner Directory
Contact details for all risk owners — auto-populated from the risk register.
Risk Workshop
Structured risk identification — select category, start session, work through guideword prompts
Session Setup
Session
Risk Guideword Prompts
Select a guideword prompt above to focus the discussion
Existing risks in category — 0
Sentinel — Risk Extractor
Identify New Risk
Workshop Log
No risks logged yet — use the form above to add risks as the team identifies them
Sentinel AI
Your veteran offshore risk advisor — 30+ years FPSO experience, available on demand. Requires Anthropic API key in Settings
Sentinel offline — no API key
Add a key in Settings › AI Intelligence to activate all features
🔑
Add an Anthropic API key to activate Sentinel
Go to Settings › AI Intelligence, paste your key and click Save & Activate. RiskOS works fully without a key — Sentinel is optional but recommended.
Name's Sentinel. Thirty years on FPSOs — North Sea, Gulf of Mexico, West Africa. Ask me anything about your risk register, controls, regulatory obligations or offshore operations. I'll give you a straight answer.
Enter to send · Shift+Enter for new line · Sentinel has full context of your risk register
Score Reviewer
Sentinel flags inconsistent scores across the portfolio
Control Effectiveness Reviewer
Sentinel reviews controls vs linked risks, flags gaps
Risk Trend Summary
Sentinel analyses the audit trail — what improved, what needs attention
Compliance Gap Analysis
Sentinel maps risks against ISM, MARPOL, SOLAS, class rules
Treatment Advisor
Sentinel recommends treatment actions, owners and timelines
Incident Root Cause Analyser
Paste an incident report — Sentinel maps root causes to your register
Risk Extractor
Paste any document — Sentinel identifies and adds risks directly to register
Other AI Features
Bow-Tie Generator — AI drafts full barrier analysis
Natural Language Search — Ask questions about your risks
KRI Threshold Suggester — AI recommends amber/red levels
Narrative Report — AI board-ready risk summary
My Risks
Risks and actions assigned to you — ownership accountability view
My Risk Summary
My Action Plans
Assigned Risks
Assigned Action Plans
Audit Trail
Full change history — timestamped and attributable — for regulatory and class society review
Review Schedule
Risk review cadence by category — overdue and upcoming reviews surfaced automatically
Review Cadence by Category
Due This Month
All Risks — Review Status
Start Risk Workshop
Sentinel
Processing...
Import Risk Register
Import risks from an Excel (.xlsx/.xls) or CSV file. Rows are mapped to new risks and added to the register — existing risks are not overwritten. You can review and edit after import.
Select a risk owner to generate their personal PDF report — showing their risks, actions, KRIs and overdue items.
FPSO Risk Scoring Guide
Use these definitions to score consistently across all risk owners. Score = Likelihood × Impact. Apply the inherent score before controls, and the residual score after controls.
Likelihood — How often could this occur?
Score
Level
FPSO Definition
Indicative Frequency
1
Rare
Has not occurred on this FPSO or similar assets in the fleet. Theoretical possibility only.
Once in >10,000 operating years
2
Unlikely
Has occurred on similar FPSO assets globally but not on this vessel. Requires specific combination of failures.
Once in 1,000–10,000 op. years
3
Possible
Has occurred on this FPSO or similar vessel in the last 10 years. Plausible under current conditions.
Once in 100–1,000 op. years
4
Likely
Has occurred on this FPSO in the last 5 years, or multiple times on similar assets. Credible without intervention.
Once in 10–100 op. years
5
Almost Certain
Has occurred on this FPSO in the last 12 months or is expected to occur without action. Known active threat.
>Once per year
Impact — What is the worst credible consequence?
Score
Level
Safety / People
Production / Financial
Environment / Reputation
1
Negligible
First aid only. No lost time.
<$100K or <1 day shutdown
Minimal spill, contained on deck. No regulatory notice.
2
Minor
Medical treatment / restricted work. No permanent injury.
$100K–$1M or 1–7 day shutdown
Small spill to sea, minimal impact. Regulatory notification required.
3
Moderate
Lost-time injury. Temporary disability. Up to 3 people.