‎12-12-2023 07:15 PM
My organization identifies 3 kinds of risks - Fraud, Inherent and Residual.
On the Risk table I can see Residual and Inherent risks are there but if I want to categorize a risk as Fraud what will be the best approach to do that?
‎12-12-2023 08:54 PM
Hi @sam47,
You need to understand what a Risk Category is and what the Risk Assessment Types are.
When you say you want to add a new risk category, then you are talking about the below:
Which can be found in the actual Risk, in the "sn_risk_risk" table.
Whereas Inherent and Residual are Risk Assessment types. You cannot add another type called "fraud" in terms of assessing the Risk.
Inherent Risk is typically defined as the level of risk in place in order to achieve an entity's objectives and before actions are taken to alter the risk's impact or likelihood.
Residual Risk is the remaining level of risk following the development and implementation of the entity's response or after the controls are applied.
Let's take an example of RAM in advanced risk management; you can see the assessment types selected are Inherent, Residual and Control Effectiveness: