SecureSlateSecureSlate
Log inGet started for free
← All docsDocs

Risk Management

Add a Risk from the Risk Library

Use Risk Library to quickly add a pre-built risk scenario and then customize it for your organization.

From the sidebar, go to Risk → Risk Management → Risk Library.
 
Risk Library list

Step 1: Find a risk that matches your needs

Use search and filters (like Category) to locate the scenario you want to add.

Step 2: Add the risk from the library

Click Add Risk on the scenario row.

After adding, SecureSlate prompts you to map the risk to its recommended controls.
 
Recommended controls prompt

Choose one:

  • Add Controls: Maps the recommended controls to the risk.
  • Not Now: Skips mapping for now (you can map controls later).

Step 3: Open the risk and complete the remaining details

Go to Risk → Risk Management → Risks, find the newly added risk, then click it to open the details view.

From the details view, you can update:

  • Risk Name and Description (if you want to rename or tailor the wording)
  • Category: Choose one or more categories (including any custom categories you created in Settings).
  • Owner: Assign the person responsible for monitoring and treating the risk.

Step 4: Add a risk score

In Risk Score, start with Inherent Risk—the level of risk before considering existing controls.
 
Inherent risk score

Use the sliders to select:

  • Likelihood: How likely the event is to occur (based on the likelihood scale defined in Settings).
  • Impact: How severe the consequences would be if the event occurs (based on the impact scale).

As you move the sliders, SecureSlate calculates the inherent risk and shows the overall level (for example, Low, Medium, High, Critical).

Step 5: Select a treatment plan and map controls (optional)

Under Treatment, choose how you plan to handle this risk:

  • Mitigate: Implement or improve controls to reduce likelihood and/or impact.
  • Avoid: Stop or change activities that create the risk.
  • Transfer: Shift responsibility to another party (for example, using insurance or a third-party provider contract).
  • Accept: Acknowledge the risk and keep it as is without additional action.

Pick the option that matches your organization’s decision for this scenario. You can later use notes or linked controls to justify the choice.

If needed, use Controls (Optional) to link controls that may reduce the residual risk score.
 
Treatment and controls

  1. Click Add Controls.
  2. Select the relevant controls (for example, vendor management controls, access controls, backup and recovery).
  3. Save your selections.

Mapping controls makes it clear which safeguards are used to manage the risk and helps tie your risk register back to the Controls workspace.

Step 6: Score residual risk

Scroll down to the Residual Risk section.
 
Residual risk score

Here you estimate risk after considering existing or planned controls:

  • Adjust Likelihood and Impact again to reflect the expected state once controls are in place.
  • Confirm the updated residual risk level shown (for example, Low).

Residual risk helps you document how much risk remains after mitigation.

Step 7: Add a supporting document (optional)

In Supporting Document (Optional), you can upload evidence that supports how you’re mitigating the risk (for example, a policy, a risk assessment, a vendor report, or an implementation plan).
 
Supporting document upload

Save updates

As you update fields, the risk record is saved and stays available in the Risks table. You can adjust scores, treatment, and mapped controls over time as your environment or mitigation plan changes.

Last updated: March 26, 2026