Here you can view, create and edit risk categories. Risk categories are different risk areas such as Information Security, Financial risks, AML risks, ESG risks, etc. The purpose of dividing risks into categories is to let your organisation decide on a separate risk tolerance and separate risk criteria (together, the risk profile) for each category. This means that for each risk category you have to define a risk profile consisting of four parts: business risk tolerance, privacy risk tolerance, business risk criteria and privacy risk criteria. These are used when creating risk scenarios in your business, to make sure everyone assesses risks with the criteria the organisation has decided on for this risk category.
It is perfectly fine to have only one risk category, e.g. “Information security risk.”
Here you have an overview of the status of each risk category and of whether the risk category is linked to other risk scenarios, called “linked risks”.
For instance, there can be a red X in front of Business risk tolerance. This indicates that the business risk tolerance has not been defined and set, which means that the risk profile of the risk category is not finished. You can change the status by clicking on the risk category and filling out the data.
Create new risk category
Examples of risk categories are Information risks, Financial risks, ESG risk, etc.
Click the “+ Create risk category” button in the corner.
Type the name of the risk category, for example Information risk.
Add a description: Risk related to transfer of personal data.
Click Save to add.
You have now created a risk category and can now define the risk tolerance and risk criteria.