Define and Track Risk Treatments

Once controls are mapped to a risk, the next step is to define how you plan to treat that risk. Sprinto supports multiple treatment strategies, with optional task creation to ensure follow-through.

Access the Treatment Section

Log in to the Sprinto dashboard and navigate to Risks.
Click on the Risk Register tab.
Open the relevant risk.
In the left-side navigation panel, click Treatment.

Choose a Treatment Strategy

You can choose one of the following approaches for each risk:

Accept: Acknowledge the residual risk and take no further action.
Transfer: Shift responsibility (e.g. outsource or insure the risk).
Further Mitigate: Apply additional actions to reduce risk further.
Avoid: Discontinue the process or activity causing the risk.

For each strategy, you can:

Select a treatment reason (e.g. “Risk is insured”, “Work is outsourced”).
Add optional treatment notes to document your decision.

Click Save and close once you have selected the appropriate treatment strategy.

Create a Risk Treatment Task (Optional)

You can assign mitigation tasks to ensure that treatment actions are implemented.

To create a treatment task:

In the Treatment section, click + Add Task.

Enter the following details:
- Task name
- Assignee (Security Hub admin)
- Due date
- Optional notes or attachments
Click Add Task to save.

Tasks appear in the dashboard and are tracked until completion. Once completed, the task status is marked as Passing.

PreviousMap Controls to a Risk NextConduct a Risk Assessment

Last updated 20 days ago