Not logged in - Login
< back

Control Risk Strategies

The control risk strategy will only be completed after the resource attribute valuation (Confidentiality, Integrity and Availability), Control Maturity Assessment and the Risk Assessment entity are complete.

Divisions

This shows the maximum risk associated with each of the divisions The tan indicator shows that the risk assessment or control assessment is still in progress so the results of the risk assessment are not yet visible.

Controls

This shows all applicable controls and the related risk score of that control, also displayed is the risk treatment action. Clicking on a control will populate the control overview tab and show the following information.

Control Overview

This shows the 3 values for risk:


Note: The names of these risk types can be modified for an organisation therefore these values may be different for your organisation.
These can be modified within the Home -> Organisation -> RA Setup -> View Risk Types.

Risk Treatment Decision

A risk strategy can then be allocated to the controlled risk. The risk owner will be defaulted as the control owner but can be set as any contact within Abriska. An action description allows any difference from the recommendation to be recorded.

The default risk decisions are explained below.