Published Risk Assessments
Diri AS have made risk assessment templates for copying to ease your way into cyber risk management. The templates are available through the "Published Assessments"-feature on the risk assessment overview. The library will contain templates for standard overall risk assessments, suggestions for risk assessing generic cloud applications, and system-specific assessments.
Accessing the risk assessment repository og copying a template
The option for "Published Assessments" available through in the Risk assessments menu.
Access the risk assessment you wish to re-use through the risk assessment overview by clicking the "Published Assessments" button. This will list all the assessments that are currently marked as visible in click copy
What does "Published" mean?
published assessment has been made available in the Diri cloud instance
where it resides. The risk assessment then becomes visible to all users
in that particular instance of the Diri application.
How to publish a risk assessment?
If you wish to publish a risk assessment we recommend to create an anonymized copy of the object you wish to share. Use the copy
anonymization features to make sure not to include any sensitive data about your organisation.
You can find the
option on the risk assessment dashboard via the "Ownership" button. A
published risk assessment has the following settings:
Ownership settings for a published risk assessment
Note that these settings only allow for read
In the risk assessment overview, setting a risk assessment as available
to the public will move it from your "All" risk assessments to the
"Published Assessment" group.
Copy and re-use risk assessments
Copying whole risk assessments The copy button is available on all risk assessment objects Are you delighted with one or more of your assessments? Or is the same IT system in use multiple places? Existing risk assessments can be copied and re-used in ...
Add risks from template
Create a set of baseline risks for all assessments Currently, the beta version of this functionality in production only allows for copying the template to one risk assessment at a time. The functionality does not copy risk treatments to prevent the ...
What is the difference between "Add existing" and "Copy treatment"?
Existing measure: This is used when you want to reuse a measure that is already in place or is common. For example, if a company has implemented Azure MFA, this will apply to all services that use AzureAD for login. An existing measure will therefore ...
The Diri Risk Matrix
What is the Diri Risk Matrix? The Risk Matrix in Diri is a classic visualization matrix that illustrates risks on two axes, with probability on the Y-axis and consequence on the X-axis. In Diri, a risk is a combination of a cause, an event, and a ...
1 - Overall Risk Assessment
What is the Overall Risk Assessment? The Overall risk assessment (ORA) provides the easiest way to get started with risk assessments in Diri. The Diri ORA asks you to briefly describe the parts of your organization that impact cybersecurity, such as ...