Risk Management

Clarion's Risk Management module gives you a complete risk registry to identify, assess, treat, and monitor your organization's risks — all in one place. It follows ISO 27005 and ISO 31000 best practices, so you're always audit-ready.

What You Can Do

| Feature | What It Does |
|---|---|
| Risk Registry | Keep a centralized list of all your risks with scores, owners, and statuses |
| Risk Library | Get started fast with 110+ pre-built risks across 17 security categories |
| Automatic Residual Scoring | See your real risk exposure update automatically as your controls improve |
| Lifecycle Tracking | Move risks through stages: Identified → Assessed → In Treatment → Monitored → Closed or Accepted |
| Control Linking | Connect risks to your compliance controls and see how they reduce your exposure |
| Dashboard & Analytics | View KPIs, risk heatmaps, trend charts, and category breakdowns at a glance |
| Audit Trail | Every change is recorded — who did what and when |
| CSV Export | Download your full risk register for reporting or evidence |

Supported Frameworks

The module helps you meet risk management requirements across these standards:

  • ISO 27005:2022 — Information security risk management
  • ISO 31000:2018 — General risk management framework
  • NIST SP 800-30 — Guide for conducting risk assessments
  • SOC 2 — Risk assessment criteria (CC3.1–CC3.4)
  • ISO 27001 — Annex A controls mapping via compliance controls

Getting Started

  1. Go to Risk Management in the sidebar (under Protect)
  2. Click + Add Risk to create your first risk
  3. Choose from the Risk Library (pre-built) or create a Custom risk
  4. Set the likelihood, impact, and treatment strategy
  5. Link compliance controls so your residual score calculates automatically

Who Can Access This?

Risk Management is available to Owners, Admins, Security Engineers, and Risk Managers. Viewers and Auditors have read-only access to the dashboard and registry.
