Improved Risk Lifecycle - Risk Monitor State

Introducing a new feature in our risk management system: the risk monitor state. This enhancement allows risks to be placed into a monitoring state at any point in time. This ensures continuous oversight to determine if the mitigating controls remain sufficient or if new risks emerge due to the dynamic nature of risk. This addition helps maintain a comprehensive risk management strategy, providing greater clarity and control for your organization.

Use Case

A company implements mitigating controls for a potential cybersecurity threat, such as phishing attacks. By placing this risk in a monitoring state, the risk analysis team can continuously oversee the effectiveness of these controls and quickly adapt if new phishing techniques emerge.

How Does it Work?

1. A risk can be set to a monitored state at any point during the risk assessment process. The option to mark a risk as monitored is in the actions menu on the risk detail page.

2. Changes to a monitored risk can alter its status based on the user's action. For example,

   • Conducting an inherent assessment on a monitored risk changes its status to assessed.

   • Performing a residual assessment on a monitored risk changes its status to treated.

   • Adding a mitigation task to a monitored risk changes its status to treatment-in-progress.

3. Monitored risks can be filtered in the Risk Register and represented in various graphs on the risk dashboard.

If you have any questions or issues, please reach out to your assigned Customer Success Manager. They'll be happy to assist you!

To view all the product updates, please click here.