Risk Register

Risk Register – outputs each of the risk statements, the risk treatment decision and the owner. Each risk that is identified should be reviewed and undergo treatment by applying one of the following:

• Reduce – Apply the recommendation and improve the appropriate control
• Accept – Knowingly and objectively accept the risk
• Avoid – Change the business or environment to stop completing the related activity
• Transfer – Outsource/transfer the risks to other parties.

Overview of Risk Register

The 'Risk Register' page within Abriska can be reached by selecting ‘Risk Assessment’ and then 'Risk Register' from the sidebar on the organisation home.

Abriska enables all sources of risk, events that might affect the achievement of objectives (whether creating, enhancing, preventing, degrading accelerating or delaying their achievement), areas of impact and their causes to be identified and listed and their ownership documented. These can be identified through referencing and reviewing Abriska’s threat libraries and/or through custom input collected by the organisation through a variety of information gathering techniques.

When clicking into a risk it is broken down into several areas to help you navigate the risk and manage it.

The Risk Register can be used as a formal record of risks, to document risk analysis, facilitate ownership and management of risks, input into and document the outcomes of the risk evaluation and risk treatment processes.

Back to Enterprise Risk Management