Create or Edit a Risk Assessment
Create a Risk Assessment to discover, correct, and prevent security problems. Complete analysis questions and calculate Risk scores (mitigated and unmitigated). Accept the Risk and mitigate with Controls or a Mitigation Plan, or transfer or avoid the Risk.
Create a Risk Assessment
To create a Risk Assessment:
1.Open the Risk Assessment workspace.
2.Select New GRC Risk Assessment to create a new Risk Assessment.
A blank form opens.
3.Enter the information into the fields as required.
| a. | The questions for Threat Analysis and Risk Mitigation are based on the Risk Assessment Type. |
| b. | % of Threat Analysis Assessment Complete is based on the total number of questions answered. |
| c. | % of Risk Mitigation Assessment Complete is based on the total number of questions answered. |
| d. | Current Unmitigated Risk and Current Mitigated Risk are based on the questions weighted response. |
4.Select Save.
5.In the Threat Analysis tab, there are a set of sample questions.
| a. | Select each question, and then select a Threat Analysis Level from the Select Threat Analysis Level drop-down list. |
| b. | Select a question, and then select No Impact to change the impact. |
•If a Threat Analysis Question is set to No Impact, it's removed from the percentage complete. You can select No Impact for all but one question, and then select the level of threat and your analysis will be 100% complete.
6.In the Risk Mitigation tab, there are a set of sample questions.
| a. | Follow steps a-b above to change the Risk Mitigation Level or Impact. |
7.Use the Threat Analysis, Risk Mitigation, Risks, Tasks, Journals, Controls, Mitigation Plans, Exceptions, and Linked Risk Assessments tabs to link Threat Analyses, Risk Mitigations, Risks, Task, Journals, Controls, Mitigation Plans, Exceptions, and other Risk Assessments to the Risk Assessment.
8.You can restore hidden tabs using the plus sign (to the right of the tabs).
9.Select Save.
Edit a Risk Assessment
To edit a Risk Assessment:
1.Double-click a Risk Assessment to open the details.
2.Change the information as needed.
3.Select Save.