Our risk workflow is divided in three steps:
- Creation of assets;
- Creation/analysis of risks;
- Treatment of risks.
At the moment, when you create a risk, the form requires you to fill-out two fields in the treatment tab that aren’t possible to make optional: mitigation strategy and residual risk classification. The result is that we end-up having to spend time populating these fields with fake data and have an additional status custom field to differentiate risks that have real treatment data from fake treatment data.
I believe that many other companies may approach risks in a multi-step way, like we do, and it would be a good idea to make the mitigation strategy and residual risk classification fields optional in the treatment tab. This will help simplifying and save time in our workflow.
Can the product team please comment on this feature request?
Thank you,
Fabio
