Hi all,
I was curious to see how everyone was hand,ling their risk register and keeping a log of all risks and associated tickets related to a risk.
For example, a risk is known and you want to get this signed off by the risk team or associated team and keep a register of all IT risks.
ie Risk: MFA not enabled for a user group.
Description: blah blah MFA is used as a security measure. Request has been submitted to revoke this.
Approval: Accept Risk, Decline risk and enforce best practice.