Risk Register

Managing risks in the Conformio Risk Register

You can access the Risk Register from the list of Registers and Modules, located in the left navigation pane of your Conformio account.

Risk Register - Support Center
Figure 1. Accessing the Risk Register

The Risk Register is a very important part of Conformio, and it was created in such a way as to lead you through managing your risks step by step.

In the left sidebar, on the Wizard tab, you can see helpful text and tips on what to do in the register.

Risk Register - Support Center
Figure 2. Overview of Risk Register

Conformio leads you through the selection of all assets and connecting those assets to vulnerabilities and threats. There is already a defined list of assets, as well as vulnerabilities and threats, from which you can choose. Also, if there is something not on the list, you are able to add your own items to each list.

Risk Register - Support Center
Figure 3. Adding assets

Risk Register - Support Center
Figure 4. If you don’t see an item you need on the list, you can add your own

For each asset-vulnerability combination, select all the necessary threats from the list. When you’re ready, click the “Next” button in the right sidebar so you can go to the next steps – Evaluation, Review, Treatment, and Acceptance.

Risk Register - Support Center
Figure 5. Adding a threat to the asset-vulnerability combination

In the next step, you evaluate the risks you created. You are defining impact and likelihood, as well as the persons responsible for the risk (risk asset owner and risk owner). These persons will be notified regarding what is happening with the risk and will be responsible for its treatment.

Be sure to add responsible people to each risk; otherwise, you won’t be able to go to the next step.

Risk Register - Support Center
Figure 6. Evaluation of the risks

After evaluation, the person responsible for reviewing the risks (the Risk Register owner) has to review the newly created risks.

Risk Register - Support Center
Figure 8. Review the risks

Those risks that are acceptable will not be visible in the next step, “Treatment” – only those that are not acceptable. Once all risk treatments are set up, you’ll be able to proceed further.

Let us know if you need any assistance: support@advisera.com



  • ASIC is recognised by UKVI in UK, is a member of the CHEA International Quality Group in USA, is a member of the British Quality Foundation, and is an institutional member of European Distance and E-Learning Network.

  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.