Conduct a Risk Assessment
Risk assessment is a periodic activity that ensures your organisation's risk profile remains up to date with changes in operations, regulatory obligations, or technology. In Sprinto, you can perform assessments in-app or upload externally completed reports.
Access the Risk Assessment Tab
Go to Risks from the left navigation.
Select the Periodic Risk Assessment tab at the top.
Click + Start Risk Assessment.
You can choose to:
Start an assessment for all completed risks in the organisation.
Limit the scope to risks from a specific zone by selecting it from the dropdown.
📌 You cannot start a new organisation-wide assessment if one is already in progress.
🕒 Sprinto recommends performing this activity at least once per year.
Option 1: Perform In-App Assessment
This option allows you to review, update, and evaluate risks using your existing register.
Steps:
Select Finish assessment using risks added to the Risk register.
Review each risk for:
Accuracy of parameters (likelihood, impact, residuals)
Validity of mitigation plans
Treatment status
Register any new risks that have emerged.
Tick the checkbox I have reviewed the risks above to enable final submission.
Click Finish assessment to complete the cycle.
✅ All changes made here are saved and reflected in the Risk Register.
Option 2: Upload an External Risk Assessment
If you maintain your risk register externally (e.g. in Excel or a GRC tool), you can upload the risk document to complete the assessment in Sprinto.
Steps:
Click Finish assessment and then select Upload to start assessment.
Enter an assessment name (e.g. "February 2025 assessment").
Upload the file in supported formats (.xls, .xlsx, .doc, .docx, .dotx, .pdf).
Tick the checkbox I have reviewed the uploaded document.
Click Finish assessment to submit.
📎 You can also replace the uploaded document later if needed.
Last updated