This is where risk analyses are managed, from definition to potential acceptance.
You can create risk assessments in your projects. A risk assessment encompasses:
risk identification, when you define your risk scenarios
risk analysis, when you assess the probability, impact and strength of knowledge for each scenario
risk evaluation, which is done automatically based on the selected risk matrix
In CISO Assistant, risk treatment is combined with risk assessment.
The scenarios can be defined directly from the risk assessment view or separately via this view.
Risk acceptance is when an organization or individual decides to tolerate a certain level of risk without taking further action to reduce it. This view allows to manage a workflow to get formal approval of risk acceptances by the management. The approver of a risk acceptance must have a user account with approver role. To find out more about risk acceptance, you can have a look to the ENISA risk management process.