GRC | How risk is impacting control posture

MR13
Tera Contributor

‎02-14-2024 09:41 AM

Hi folks - 

 

Trying to understand - how risk and control are linked. 

For example - let's say a risk is evaluated and a mitigating control is added, still the residual risk remains the high it doesn't change why?.

Secondly, when a control is moved from non-compliant to compliant, then what is the impact on the risk?

0 Helpfuls
  • 211 Views
1 REPLY 1

Community Alums
Not applicable

‎02-15-2024 02:51 AM

Hi @MR13 ,

I believe you are using Classic Risk management, you won't see the Risk Rollup for this, you need to  use Advanced risk management for the same.

Please refer to my answer in this thread :https://www.servicenow.com/community/new-customers-policy-risk-forum/standard-risk-vs-advanced-risk-...

 

0 Helpfuls