Risk assessments are surveys that gather evidence to determine risk. The Risk Assessment
Designer provides a single interface that users can use to create, and edit attestations, as well
as change scoring parameters. The question bank offers a library of questions for various
categories, so you do not have to build each questionnaire from scratch. Risks start in a
Draft state then move to Assess, which sends a
notification to the Assessment respondents.
By default,
Risk Assessment is used for risks and provides the following
assessment questions:
- Is this control implemented?
- Attach evidence
- Explain
My Assessments is contained in the Risk Register
module and contains active assessments for which you are the respondent. The assessments appear
in a list with a single assessments record per risk.
All Assessments is contained in the Risk Register
module and contains all active assessments. The assessments appear in a list with a single
assessments record per risk.
Compliance managers can create a new set of questions for each control objective.
