Question - Target risk rating

Currently Eramba supports recording of inherent and residual risk ratings. What is the best way to record a target risk rating for our risks? Custom fields for now?

Our corporate risk framework records residual and target ratings, keen to align if possible.


Hi Andrew,

What you mean by:

Let me know in simple language what you mean by that , im not %100 !


My understanding is that currently, we can record an inherent risk rating (based on threats and vulnerabilities) and a residual risk rating (after existing controls have been considered). We’d like to be able to record a third rating (likelihood and consequence values) that indicate the target risk rating the business finds acceptable e.g. we need to mitigate the risk further than its current residual value.

I believe custom fields might be the best approach at present.

Right i see now, well, i hope :slight_smile: and yes, i think custom fields with drop downs is what perhaps would fit you the best.

This brings to my attention, custom fields do not have “conditionals” when using filters, we need to add this

Interal ref: