GRC | How risk is impacting control posture
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-14-2024 09:41 AM
Hi folks -
Trying to understand - how risk and control are linked.
For example - let's say a risk is evaluated and a mitigating control is added, still the residual risk remains the high it doesn't change why?.
Secondly, when a control is moved from non-compliant to compliant, then what is the impact on the risk?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2024 02:51 AM
Hi @MR13 ,
I believe you are using Classic Risk management, you won't see the Risk Rollup for this, you need to use Advanced risk management for the same.
Please refer to my answer in this thread :https://www.servicenow.com/community/new-customers-policy-risk-forum/standard-risk-vs-advanced-risk-...