Frequently Asked Questions (FAQs)

This section answers common questions related to the Risk Management module in Sprinto. Whether you're just getting started or need clarification on specific workflows, you'll find quick answers and guidance here.

1. What are the different ways to add risks in Sprinto?

You can add risks using Sprinto's predefined risk library, by manually creating custom risks, or by uploading a list using the bulk CSV upload feature.

2. Can I edit a risk after creating it?

Yes, you can edit most risk fields—including name, owner, parameters, treatment, and mapped controls—until it has been reviewed by senior management. After review, the risk becomes read-only.

3. Why is my risk marked as ‘Incomplete’?

A risk is marked as Incomplete if scoring (likelihood and impact) or treatment details have not been added. You need to complete these steps to finalise the risk.

4. Can I delete a risk that has already been reviewed?

No. Risks that are part of a completed assessment or have been reviewed cannot be deleted. You must remove any treatment tasks or controls first before deleting editable risks.

5. How often should I perform a risk assessment?

Sprinto recommends performing a risk assessment at least once a year. However, you can initiate one any time there are significant changes in your organisational structure, operations, or environment.

6. What happens after I upload a risk assessment document?

The uploaded document is stored securely in Sprinto and can be reviewed by senior management. The system check for risk assessment is marked as Passing after review.

7. Who is responsible for reviewing the assessment?

Senior management (users with the appropriate role) must formally review and acknowledge completed assessments for compliance to be marked complete.

8. Will I receive notifications for pending actions?

Yes. Sprinto sends email and in-app notifications for pending risk assessments, unscored risks, overdue treatment tasks, and pending reviews.

9. Can I use AI to help map controls?

Yes. Sprinto provides AI-assisted suggestions to help you automatically map relevant controls to each risk based on its category and score.

10. Where can I view system checks related to risks?

System checks are visible in the Dashboard and under the Risks section. They help you track incomplete assessments, missing scoring, open tasks, and overdue reviews.