Skip to main content

The Problem RISKSHEET Solves

Traditional risk management in Polarion relies on navigating multiple LiveDoc documents, work item tables, and scattered data across projects. This approach creates several challenges:
  • Fragmented workflow: Analysts constantly switch between documents, work items, and link editors to understand risk relationships
  • Limited visibility: Standard work item tables cannot represent the multi-level hierarchies required by FMEA (Failure Mode → Cause → Effect → Mitigation) or HARA workflows
  • Manual calculations: Risk Priority Numbers (RPN), severity ratings, and occurrence probabilities must be calculated manually or through complex custom fields
  • Traceability gaps: Connecting upstream hazards to downstream mitigations requires extensive link management across multiple work item types
RISKSHEET addresses these challenges by providing a unified, Excel-like interface where all risk data—from hazard identification through mitigation tracking—appears in a single, configurable view.

How RISKSHEET Works: The Three-Layer Model

RISKSHEET operates on a three-layer architecture that separates data storage, configuration, and presentation: diagram

Layer 1: Data Storage in Polarion

At its foundation, RISKSHEET stores all risk data as standard Polarion work items within a LiveDoc document. A typical FMEA implementation might use:
  • Risk work items representing failure modes and causes
  • Task work items representing mitigation actions
  • Link roles connecting risks to tasks (e.g., “mitigates” relationship)
This design ensures that all data remains accessible through standard Polarion APIs, reports, and integrations—even without RISKSHEET installed.

Layer 2: Configuration as Code

The risksheet.json configuration file defines how raw Polarion data transforms into a risk management interface. This file specifies:
  • Columns: Which work item fields appear as columns, their display names, widths, and edit permissions
  • Levels: How data merges into hierarchical groups (e.g., merging all causes under a failure mode)
  • Data types: Which Polarion work item types represent risks versus mitigation tasks
  • Formulas: JavaScript functions calculating RPN, risk levels, and derived metrics
  • Styles: Conditional formatting rules that highlight high-severity risks or overdue mitigations
See Configuration System for detailed architecture.

Layer 3: The Spreadsheet Interface

RISKSHEET renders the configured data as an interactive grid where:
  • Merged cells create visual hierarchies without duplicating data
  • Inline editing updates Polarion work items directly from the spreadsheet
  • Calculated columns automatically compute risk ratings based on configurable formulas
  • Conditional formatting applies color-coded visual indicators for risk thresholds
Think of RISKSHEET as Excel connected to a Polarion database. The spreadsheet provides familiar navigation and editing, while Polarion ensures data governance, version control, and traceability.

Key Architectural Principles

1:1 Document-to-Risksheet Relationship

Each RISKSHEET instance displays work items from exactly one Polarion LiveDoc document. This architectural constraint ensures:
  • Clear ownership: One document = one configuration = one team’s risk analysis
  • Predictable behavior: All work items in the document appear in the RISKSHEET (subject to query filters)
  • Simplified permissions: Polarion document permissions control RISKSHEET access
RISKSHEET cannot aggregate work items from multiple documents into a single view. If you need to analyze risks across multiple documents, create separate RISKSHEETs for each document or consolidate work items into a single master document using Polarion’s reuse features.
For cross-document scenarios, see Work with Branched Documents and Work with Collections.

Template-Based Configuration Inheritance

RISKSHEET supports a template-to-document configuration hierarchy: diagram This pattern enables:
  • Standardization: All teams start with organization-approved FMEA/HARA templates
  • Flexibility: Individual projects can override configurations for unique requirements
  • Maintainability: Template updates propagate to all documents automatically
See Configuration Hierarchy and Override Template Configuration.

Live Data Views, Not Static Reports

Unlike traditional risk reports that snapshot data at a point in time, RISKSHEET provides a live view of Polarion work items:
  • Changes made in RISKSHEET immediately update Polarion work items
  • Changes made in Polarion (via work item forms, table views, or API) appear in RISKSHEET after refresh
  • Baseline and revision support enables historical comparisons while maintaining live editing
This bidirectional synchronization ensures RISKSHEET integrates into existing Polarion workflows rather than creating a separate risk management silo.

When to Use RISKSHEET vs. Standard Polarion Tables

Use RISKSHEET When…Use Polarion Tables When…
Conducting FMEA or HARA analysis with multi-level hierarchiesManaging simple lists of requirements or test cases
Need merged cells to represent failure mode → cause → effect relationshipsEach row represents an independent work item
Require calculated columns (RPN, risk levels) with real-time updatesField calculations can be handled by custom field formulas
Visual risk matrices and conditional formatting are criticalStandard table styling is sufficient
Team prefers Excel-like navigation and bulk editingTeam prefers form-based work item editing

Integration with Polarion Ecosystem

RISKSHEET extends—rather than replaces—Polarion’s native capabilities:
  • Documents: RISKSHEET documents are standard Polarion LiveDocs with custom rendering
  • Work items: Risk items are standard Polarion work items accessible via API and reports
  • Links: Traceability uses Polarion’s built-in link roles and navigation
  • Baselines: RISKSHEET supports Polarion baselines for compliance and audit trails
  • Reviews: Configurable review workflows integrate with Polarion’s approval mechanisms
  • Permissions: Polarion project and document permissions control RISKSHEET access
See Embed Risksheet in LiveDoc for integration patterns.

Common Use Cases

FMEA (Failure Mode and Effects Analysis)

RISKSHEET displays failure modes, causes, effects, and mitigation tasks in a hierarchical structure with automated RPN calculation:
  • Level 1: Failure modes (merged by failure mode field)
  • Level 2: Causes (one row per cause)
  • Level 3: Mitigation tasks (linked via “mitigates” role)
  • Calculated columns: RPN = Severity × Occurrence × Detection
  • Conditional formatting: Red highlighting for RPN > 350
See Configure FMEA Workflows.

HARA (Hazard Analysis and Risk Assessment)

RISKSHEET supports ISO 26262 HARA workflows with conditional probability calculations:
  • Level 1: Hazards (merged by hazard ID)
  • Level 2: Operating scenarios (one row per scenario)
  • Level 3: Safety goals (linked via custom role)
  • Conditional formulas: Auto-calculate ASIL from severity and probability
  • Multi-impact tracking: Device, patient, and operator impact columns
See Configure HARA Workflows.

Next Steps

KB ArticlesSupport TicketsSource Code
  • risksheet.json
  • RisksheetProjectProperties.java
  • DefaultTraceProvider.java
  • AddTaskCommand.ts
  • AppConfig.ts