Drata

Residual Risk represents the remaining risk after mitigating or transferring it. The inherent risk is the untreated likelihood x impact numerical score (5x5). After applying mitigating controls for example, the residual risk is the leftover risk that remains after treatment, which is a measure of the effectiveness of the treatment.

Residual risk is part of the Risk Management and therefore that module must be enabled for your tenant. 

The residual risk only applies to risks for which you've applied one of the following treatment types: 'Mitigated' or 'Transferred'.

When viewing the Risk Register, notice the two columns of numerical scoring. The left column represents the inherent risk score, while the right represents the residual score.

Enter the Impact and Likelihood under Assessment section.

Select Mitigated or Transferred for the treatment to add the residual risk. ​

Enter the treatment details, impact and likelihood for the residual score.

Save and the risk register will update with the changes.

1. Select a risk.
2. Enter the Impact and Likelihood under Assessment section.
3. Select Mitigated or Transferred for the treatment to add the residual risk. ​ 
4. Enter the treatment details, impact and likelihood for the residual score.
5. Save and the risk register will update with the changes.

Visualize residual risk directly from the Risk Register

Risk Management: Residual Risk

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

HERE'S WHY

BEFORE DIVING IN

HERE'S HOW

Add residual risk score