Build a centralized library of reusable risk templates to ensure consistency across your
organization. Creating risk scenarios saves time and standardizes the data when your compliance
team registers new vulnerabilities.
Required Editions
Available in: Lightning Experience
Available in: Enterprise, Performance, and Unlimited
Editions with Agentforce IT Service.
User Permissions Needed
To create risk scenarios:
Compliance Admin permission set
A risk scenario is a reusable template that describes a category of risk your organization
faces, like phishing attacks, data retention failures, or supply chain breaches. Storing
scenarios in the Risk Scenario Library lets your team apply the same definition, category, and
source framework every time someone registers a new risk, so risks of the same type stay
consistently classified across your Risk Register.
From App Launcher, go to the IT Compliance app and select Risk Scenario
Library.
Click Add and then enter the Name, Description, Category, and the
Source Framework.
Save your changes.
Example: a phishing risk scenario
Suppose your organization wants to standardize how it tracks the threat of phishing attacks
across every business unit and vendor. You create a single risk scenario in the library with
these values:
Name: Phishing Attack
Description: Attackers attempt to steal credentials or deliver malware by impersonating a
trusted source through email, SMS, or messaging.
Category: Cybersecurity
Source Framework: ISO/IEC 27001:2022
From now on, anyone registering a phishing-related risk against a specific business unit,
vendor, or asset can pick this scenario as the template. The risk record inherits the
description, category, and framework from the scenario, so phishing risks stay classified the
same way across your entire Risk Register, no matter who creates them or when.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
