Risk Register

Risk Register allows you to create, track, and mitigate Privacy Risks across your organization. This functionality allows you to track risk proactively to support regulatory compliance and build customer trust.

Adding Risks

To add a new risk, select the Add Risk button in the top right corner of the Risk Register page.

Risk Details

The following fields are available to describe a new Privacy Risk:

Field	Required?	Description
Risk Type	Yes	Select a standardized risk from our pre-defined list. This ensures consistency and powers our recommendation engine.
Description	No	A default description will populate based on the risk type selected. Edit or add any additional context about the risk, including its causes and potential consequences.
System	No	If the risk is associated with a specific application or vendor, you can link it directly to a system from your inventory.
Impact & Likelihood	Yes	Assign a level for both the potential impact of the risk and its likelihood of occurring. The platform will automatically calculate an Overall Risk score for you.
Mitigation Status	Yes	Set the current status of the risk (e.g. In Progress, Mitigated, Accepted). By default, the status of a newly created risk will be Not Started.
Assigned Owner	No	Assign the risk to a specific person or team by entering their email to establish clear accountability.
Due Date	No	Set a target date for when the mitigation plan should be completed.
Comments	No	Add any relevant notes or links to resources for additional context.

Mitigation Plans

Once you've selected a Risk Type, the platform will automatically provide you with a list of Suggested Mitigation Plans.

• To select a suggestion: Simply check the box next to the recommended plan.
• To see more options: Select "View All Mitigation Plans" to open our full library of controls. You can select one or more plans from this list.
• No Action: If you determine no mitigation is needed, you can select the "No Action" option.