
Managing risks in ISMSVision (short overview)

After sign-in, the Risk Management workspace lives under /app/risk-management. One horizontal tab bar carries the whole ISO story—from heat-map style summaries to the control library and findings—so security and GRC leads do not split the narrative across unrelated spreadsheets.

The seven tabs (what each is for)

  • Overview — leadership-friendly counts: active risks, high residual exposure, missing assessments, risks without linked controls, open non-conformities, control effectiveness gaps, and a Statement of Applicability summary. Includes “attention” risk rows and recent NC / improvement-opportunity snippets.
  • Risks — the register and deep-dive risk records: scenario, assets, ownership, inherent and residual assessment, linked controls, treatment, acceptance, notes, and activity history.
  • Controls — your control library: catalogue fields, effectiveness and monitoring posture, and linkage back to the risks that depend on each control.
  • Non-conformities — audit and assessment findings with configurable workflow statuses and sources.
  • Improvement opportunities — positive backlog items (OFIs) tracked alongside formal NCs.
  • Statement of Applicability — structured view over control applicability driven from the same library you maintain in Controls.
  • Configuration — hub for risk matrix, risk types, statuses, threat phrases, control taxonomies, monitoring cadence, non-conformity labels, risk workflows, and notification templates scoped to this module.

SoA background: what a SoA is, how to fill it in, and how ISMSVision helps. For context upstream of the register, see the interested parties & objectives register.

Typical weekly rhythm

Glance at Overview for red flags, triage new items in Risks or Non-conformities, update Controls when tests complete, and adjust Configuration only when methodology changes—so the register stays stable for year-on-year comparison.

Need screen-by-screen detail? Read managing risks in ISMSVision — detailed guide. For ISO alignment, see how ISMSVision supports ISO 27001 risk requirements.

Start from the product page

Public marketing pages summarise modules; the workspace opens after you sign in to your tenant.

Risk Management