Managing risks in the Conformio Risk Register
You can access the Risk Register from the list of Registers and Modules, located in the left navigation pane of your Conformio account.
The Risk Register is a very important part of Conformio, and it was created in such a way as to lead you through managing your risks step by step.
In the left sidebar, on the Wizard tab, you can see helpful text and tips on what to do in the register.
Conformio leads you through the selection of all assets and connecting those assets to vulnerabilities and threats. There is already a defined list of assets, as well as vulnerabilities and threats, from which you can choose. Also, if there is something not on the list, you are able to add your own items to each list.
For each asset-vulnerability combination, select all the necessary threats from the list. When you’re ready, click the “Next” button in the right sidebar so you can go to the next steps – Evaluation, Review, Treatment, and Acceptance.
In the next step, you evaluate the risks you created. You are defining impact and likelihood, as well as the persons responsible for the risk (risk asset owner and risk owner). These persons will be notified regarding what is happening with the risk and will be responsible for its treatment.
Be sure to add responsible people to each risk; otherwise, you won’t be able to go to the next step.
After evaluation, the person responsible for reviewing the risks (the Risk Register owner) has to review the newly created risks.
Those risks that are acceptable will not be visible in the next step, “Treatment” – only those that are not acceptable. Once all risk treatments are set up, you’ll be able to proceed further.
Let us know if you need any assistance: email@example.com