# Glossary This glossary defines key terms used throughout Sprinto’s Risk Management module.
TermDefinition
Assessment ReviewThe final step in the risk assessment cycle where senior management reviews and acknowledges the submitted assessment.
Bulk UploadThe process of importing multiple risks at once using a CSV template. Useful for migrating risks from external tools.
Control MappingThe act of linking security controls to a risk to mitigate its impact or likelihood. Controls can be manually added or AI-suggested.
Inherent RiskThe level of risk before any controls or mitigation measures are applied. Calculated using inherent likelihood and impact.
Residual RiskThe level of risk remaining after controls are applied. Calculated using residual likelihood and impact.
Risk LibrarySprinto’s curated collection of predefined risks based on industry standards. Users can select risks from this library to populate their register.
Risk OwnerThe individual responsible for tracking, mitigating, and managing a specific risk.
Risk ParametersQuantitative values used to assess risk, such as likelihood and impact—both inherent and residual.
Risk RegisterA central repository in Sprinto where all identified, scored, and treated risks are maintained.
Risk TreatmentThe chosen action to handle a risk, such as accept, avoid, transfer, or further mitigate.
Risk Treatment TaskA task created to implement a mitigation strategy. Assigned to users with a due date and status.
System CheckA Sprinto feature that monitors the health of the risk program (e.g. pending assessments, incomplete risks) and prompts user action.
ScoringThe process of assigning values to the likelihood and impact of a risk to calculate its risk level.