Not logged in - Login
View History

Control Risk Strategies

The control risk strategy will only be completed after the resource attribute valuation (Confidentiality, Integrity and Availability), Control Maturity Assessment and the risk Assessment are complete.

Divisions

This shows the maximum risk associated with each of the divisions The tan indicator shows that the risk assessment or control assessment is still in progress so the results of the risk assessment are not yet visible.

Controls

This shows all applicable controls and the related risk score of that control, also displayed is the risk treatment action. Clicking on a control will populate the control overview tab and show the following information.

Control Overview

This shows the 3 values for risk:


Note: The names of these risk types can be modified for an organisation therefore these values may be different for your organisation.
These can be modified within the Home -> Organisation -> RA Setup -> Set Up Risk Types.

Risk Treatment Decision

A risk strategy can then be allocated to the controlled risk. The risk owner will be defaulted as the control owner but can be set as any contact within Abriska. An action description allows any difference from the recommendation to be recorded.

The default risk decisions are explained below.

Note: The names of these risk treatment actions can be modified for an organisation therefore these values may be different for your organisation. These can be modified within Home -> Organisation -> RA Setup -> Risk Strategies.

Bulk mark risk treatment decision

To bulk mark a risk treatment to a risk appetite level, go to (from dashboard) Control Maturity Assessment > Control Risk Strategies > on the 'Control Count' panel, select the risk appetite level (High, Medium, Low or Negligible - this may be different in your account based on setup preference), once the risk level has been selected you will be presented with a risk review date, risk treatment decision and risk treatment owner to allocate to all controls of this risk appetite level. This will also highlight to you which controls this will be filtered out to. This can also be filtered by division. Within 'Control Filter' > tick 'Filter to division'.

Risk Treatment Bulk role out

Threats

This tab will only be populated once you click on the “Threat” button at the top of the control overview tab. It shows all of the threats that are related to this control, and therefore what threats the organisation is being exposed to having this control at this level of maturity. The maximum score on this table will be the maximum score for the control.

Resources

This tab will only be populated once you click on the “Threat” button at the top of the control overview tab and then click on a threat and it will display all of the related resources. This will show all of the resources that are exposed to this threat as a result of the maturity of this control.


Back to Control Maturity Assessment