Glossary
Use this glossary to familiarise yourself with the key terms used across risk workflows in Sprinto’s Risk Management module.
Assessment Review
The final step in the risk assessment cycle where senior management reviews and acknowledges the submitted assessment.
Bulk Upload
The process of importing multiple risks at once using a CSV template. Useful for migrating risks from external tools.
Control Mapping
The act of linking security controls to a risk to mitigate its impact or likelihood. Controls can be manually added or AI-suggested.
Inherent Risk
The level of risk before any controls or mitigation measures are applied. Calculated using inherent likelihood and impact.
Residual Risk
The level of risk remaining after controls are applied. Calculated using residual likelihood and impact.
Risk Library
Sprinto’s curated collection of predefined risks based on industry standards. Users can select risks from this library to populate their register.
Risk Owner
The individual responsible for tracking, mitigating, and managing a specific risk.
Risk Parameters
Quantitative values used to assess risk, such as likelihood and impact—both inherent and residual.
Risk Register
A central repository in Sprinto where all identified, scored, and treated risks are maintained.
Risk Treatment
The chosen action to handle a risk, such as accept, avoid, transfer, or further mitigate.
Risk Treatment Task
A task created to implement a mitigation strategy. Assigned to users with a due date and status.
System Check
A Sprinto feature that monitors the health of the risk program (e.g. pending assessments, incomplete risks) and prompts user action.
Scoring
The process of assigning values to the likelihood and impact of a risk to calculate its risk level.