Tables installed with Risk Management

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Tables are added with activation of GRC: Risk Management.

    Table 1. Tables installed
    Table Description
    Risk

    [sn_risk_risk]

    		 Extends Item table [sn_grc_item] and stores specific risks associated with entities
    Risk Statement

    [sn_risk_definition]

    		 Extends Content table [sn_grc_content] and stores definitions of risks.
    Risk Framework

    [sn_risk_framework]

    		 Extends Document table [sn_grc_document] and stores all risk frameworks, a collection of risk statements
    Risk Framework to Entity Type

    [sn_risk_m2m_framework_profile_type]

    		 Extends Document to Entity Type table [sn_grc_m2m_document_profile_type] and is a many-to-many relationship table that is used to manage the relationships between risk frameworks and entity types
    Entity Type to Risk Statement

    [sn_risk_m2m_risk_definition_profile_type]

    		 Extends Content to Entity Type table [sn_grc_m2m_content_profile_type] and is a many-to-many relationship table that is used to manage the relationships between entity types and risk statements
    Risk Tasks

    [sn_risk_m2m_risk_task]

    		 Stores many-to-many relationships between risks and tasks
    Risk Transfer

    [sn_risk_transfer_task]

    		 When a risk is analyzed, there are four ways to respond to it. This table provides a way for a risk manager to transfer a risk.
    Color Setting

    [sn_risk_color_setting]

    		 This table is used for the reports to relate impact/likelihood with palette colors.
    Risk Avoidance

    [sn_risk_avoidance_task]

    		 When a risk is analyzed, there are four ways to respond to it. This table provides a way for a risk manager to avoid a risk. For example, by having a building in California, you are exposed to earthquake risk. You can avoid this risk by choosing not to have buildings in California.
    Risk Acceptance

    [sn_risk_acceptance_task]

    		 When a risk is analyzed, there are four ways to respond to it. This table provides a way with an approval process that allows a risk manager to approve (accept) or reject the risk.
    Risk Mitigation

    [sn_risk_mitigation_task]

    		 When a risk is analyzed, there are four ways to respond to it. This table provides a way for a risk manager to mitigate a risk.
    Risk to Control

    sn_risk_m2m_risk_control

    		 Contains relationships of risks to controls.
    Risk Statement to Control Objective

    sn_risk_m2m_risk_definition_policy_statement

    		 Contains relationships of Risk statements to Control objectives. On addition of entry to this, related risks to controls relationships get created in Risk to Control table with matching entity.
    Risk Mitigation to Control

    sn_risk_m2m_risk_mitigation_control

    		 Controls added to Risk mitigation task as part of the task's flow to mitigate risk are added to this table.
    Risk Relationship

    sn_risk_m2m_risk_risk

    		 Contains upstream-downstream/parent-child relationship between two risks.
    Risk Response Task

    sn_risk_response_task

    		 Base table to Risk Acceptance, Risk Avoidance, Risk Mitigation, Risk Transfer tasks.
    Note:
    All additional tables installed by the dependent plugins are also needed for GRC: Risk Management.