Risk Register


AI-prioritized risk management across all frameworks

Total Risks: 0
Needs attention
Critical: 0
High: 0
+4 this month
Mitigated: 0

Risk Heat Map

Likelihood vs Impact

Likelihood | Impact: Low | Impact: Med | Impact: High
High | 4 | 5 | 3
Med | 7 | 8 | 6
Low | 5 | 6 | 3

Legend: Low risk, Moderate, Elevated, High, Severe, Critical

All Risks

Risk ID | Description | Severity | Framework | Owner | SLA Status
RSK-001 | Unencrypted data at rest | Critical | NIS2 | J. Schmidt | Breached
RSK-002 | Missing MFA on admin accounts | Critical | DORA | A. Meier | Breached
RSK-003 | Outdated SSL certificates | High | ISO 27001 | L. Weber | At Risk
RSK-004 | No incident response drill | High | NIS2 | M. Kowalski | At Risk
RSK-005 | Excessive admin privileges | Medium | DORA | T. Fischer | On Track
RSK-006 | Missing data retention policy | Medium | AI Act | S. Braun | On Track

AI Remediation Suggestions

Top actions ranked by estimated risk reduction

Deploy AES-256 encryption
Addresses RSK-001 · NIS2 Art. 21

Enable at-rest encryption across all databases and file stores. Estimated deployment: 2–3 days with existing KMS infrastructure.

Impact Score: 94/100

Enforce MFA for all admin roles
Addresses RSK-002 · DORA Art. 9

Roll out hardware-key or TOTP-based MFA to the 12 remaining admin accounts. Integrate with existing IdP for SSO enforcement.

Impact Score: 89/100

Auto-renew SSL certificates
Addresses RSK-003 · ISO 27001 A.10

Configure cert-manager with Let's Encrypt for automated renewal. Eliminates manual tracking of 23 active certificates.

Impact Score: 76/100