Capture, score, and treat the risks facing your IT environment. Build a reusable
scenario library so your team logs threats consistently, gather evaluations from the
stakeholders who know each risk best, map risks to the controls and policies that protect
against them, and assign the treatment plans that drive each one to closure.
Required Editions
Available in: Lightning Experience
Available in: Enterprise, Performance, and Unlimited
Editions with Agentforce IT Service.
Create Risk Scenario for IT Compliance Build a centralized library of reusable risk templates to ensure consistency across your organization. Creating risk scenarios saves time and standardizes the data when your compliance team registers new vulnerabilities.
Register Risks Log vulnerabilities and threats in your IT environment by creating risk records. You can quickly create a risk using a predefined risk scenario, or create a risk directly from the Risks tab in the IT Compliance app.
Map Risks to Policy Clauses and Controls for IT Compliance Link risks to the policy clauses they could violate and the controls that mitigate them. Mapping policy clauses to risks helps teams track which corporate rules are threatened by each risk, while mapping controls to risks helps teams track how effective your safeguards are.
Define and Apply Risk Scope for IT Compliance Define the categories of IT assets, business units, and vendors your team uses to scope risks, and then associate the right scope to each risk record so its impact is grounded in real-world context.
Create a Risk Evaluation for IT Compliance Assess the severity of a registered risk by creating a risk evaluation. Gather structured feedback from stakeholders on a threat's potential impact and likelihood to automatically calculate your inherent and residual risk scores.
Create a Risk Assessment for IT Compliance Send a structured survey to stakeholders so they can weigh in on a risk's likelihood and impact. The responses drive the evidence-based scoring your team needs to make confident treatment decisions.
Risk Treatment for IT Compliance After a risk is scored, your team picks a strategy for handling it, such as mitigating the threat, accepting it, transferring it to a third party, or avoiding the activity that creates it. Each strategy can be associated with an Action Plan Template that turns the decision into a concrete set of tasks.
View the Risk Heat Map The risk heat map plots each risk on a likelihood-by-impact grid, giving leaders and compliance managers an at-a-glance view of where the most severe threats sit and which trends to watch.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
