Risk Control Categories
Introduction
A Risk Control Category is a grouping of similar Risk Sub-Controls that address a Key Risk Indicator.
Example: Granting access based on least privilege and requiring password complexity are two Sub-Controls that both address the Key Risk Indicator “Unauthorized Application Access”.
A user cannot create a Risk Control Category directly, the way they would create a Sub-Control. Instead, a Risk Control Category is created automatically when a new Key Risk Indicator is made.
To Create a Key Risk Indicator