your proposed approach using the Applicable Asset is a workaround for us, but unfortunately not very usable in the long term.
Lets take my sample from above again:
Business Unit 1 is the owner of a SAP Application Server
Business Unit 2 is the owner of an Active Directory Server
BU2 identifies 10 risks related to the AD Server and creates 10 different risks in the Asset Risk Management.
When BU1 tells BU2 that they use the AD too with their SAP Server, BU2 has to open all 10 risk scenarios and put SAP as Applicable assets which creates a lot of. As we are a quite big organisation with a lot cross referencing services, this makes a lot of work to handle.
Our idea of inheritence would work as follows:
BU1 put the related assets in the Asset Identification:
and Eramba would show all related risks to this asset in the asset risk management interface.
I hope I could explain my issue in an understandable way.