Send a structured survey to stakeholders so they can weigh in on a risk's likelihood
and impact. The responses drive the evidence-based scoring your team needs to make confident
treatment decisions.
Required Editions
Available in: Lightning Experience
Available in: Enterprise, Performance, and Unlimited
Editions with Agentforce IT Service.
User Permissions Needed
To create and manage risk assessments:
Compliance Admin permission set OR IT Compliance Fulfiller permission set
A risk assessment is the survey your team sends from within a risk evaluation to gather input
from the people closest to the risk, like the control owner, asset owner, or business unit
leader. The active scoring expression set uses the participants' responses as input to
recalculate the evaluation's likelihood and impact. This in turn, feeds into the residual risk
score and any treatment recommendation that follows.
Send assessments manually when you want a specific stakeholder's perspective. When Continuous
Evaluation is turned on, the AI agent also sends assessments automatically, picking the most
appropriate survey template and the relevant stakeholders for each evaluation it drafts.
From App Launcher, go to the IT Compliance app and select Risks.
Open the risk record you want to assess, go to the Assessment tab and
click New.
Fill in the assessment details:
Participant. The user or user group you're surveying. Choose stakeholders with direct
knowledge of the risk, like the control owner, asset owner, or relevant business unit
lead.
Survey Template. The survey to send. Pick the out-of-the-box template that best fits
the evaluation type, or one your admin has customized.
Due Date. The date by which you need responses.
Save your changes.
The participants receive a survey invitation with a link to the assessment. As responses
come in, they appear on the assessment record. After all responses come in or the due date for
completion is reached, the active scoring expression set uses the responses to recalculate
likelihood and impact on the parent evaluation, and updates the inherent risk score
accordingly.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
