Create Risk Mitigation and Threat Analysis Questions

You must create questions and assign Risk Values, Question Impact, and Question Sequence to use the Risk Assessment form. The questions help assess risk and threat and the current state of requirements.

Risk Mitigation Questions and Threat Analysis Questions populate the Risk Assessment. We recommend that you align Risk Assessment Questions with current industry standards such as FedRAMP:2014, ISO 27001:2013, or ISO 9001:2015.

To create Risk Mitigation and Threat Analysis Questions:

1.In Administrator, select the Risk Assessment Business Object, and then select Quick Actions.

a.

Select Subset of Action Questions, and then select Edit.

The description indicates Threat or Risk and #.

•Select an existing question to modify or edit.

•Select Add to add a new question.

b.

Select Save when you're finished.