I’m starting to build/transfer over our organization’s risk register into Eramba. I understand Eramba has three different ways of documenting risks (Asset, Business Continuity, Third Party).
One risk example I was given was: Financial/revenue harm due to loss of a client
My first thought is that this should be an asset-based risk, with revenue as the asset. Then document the risk itself against revenue.
Does this sound right?