Risk Relationships Overview

Effective risk management requires understanding compensating controls, or the alternate measures that organizations can use to fulfill a requirement. The problem is, most third-party risk management platforms and frameworks (ISO27001, NIST, CMMC, etc.) look at controls in isolation and lack context in compensating controls, which can complicate determining the best course of remediation.

New in Prevalent Platform v3.18, risk relationships provide a clear, easy way of seeing associations, enabling users to link risk items to one another. Once relationships between risks have been determined, if a vendor triggers one (or both) risk items in response to a submission, a relationship between the two risk items is generated and displayed.