Skip to main content
The Risk Register is where you document, assess, and manage all identified risks to your organization. Each risk is scored by likelihood and impact, and tracked with a formal treatment plan.

Risk details

When you open a risk, the detail view shows:
FieldDescription
Risk NameTitle of the risk
OwnerPerson responsible for managing this risk
StatusCurrent assessment status
Estimated CostPotential financial impact
Inherent RiskRisk level before any mitigating controls
Residual RiskRisk level after controls are applied

Risk scoring

Likelihood

How likely is this risk to occur? Scored on a defined scale.

Impact

How severe would the consequences be? Scored on a defined scale.
DSALTA calculates both the inherent risk (before controls) and the residual risk (after controls) based on your likelihood and impact scores.

Treatment plans

For each risk, you can define a treatment approach:
TreatmentDescription
MitigateImplement controls to reduce the risk
AcceptAcknowledge the risk and take no additional action
TransferShift the risk to a third party (e.g., insurance)
AvoidEliminate the activity that creates the risk

Controls mapping

You can map each risk to the compliance controls that mitigate it, creating a direct link between your risk register and your compliance program.
After adding likelihood, impact, and treatment information, click Approve to formalize the risk assessment. Approved risks include a timestamp and approver name for audit purposes.