Creating and assigning risk areas to a threat

Threats that are imported from various source products can be assigned to appropriate risk areas that are available. You can also create a risk area based on your business needs and assign it to a threat. A risk area is a logical group of threats of similar nature. Critical risk areas are represented as bubbles on the dashboard heat map.

Before you begin

Ensure that the threats from various sources products are imported into IBM® Security Risk Manager repository through the Universal Data Insights service. For more information about downloading threats, see Asset and data source connections.

Procedure

  1. On the home page, click the Menu icon.
  2. In the My applications section, click Risk Manager > Manage threats.
  3. Click the Threats tab.

    By default, a list of all the threats and their attributes is displayed in tabular format. You can apply filters to the threat list to focus on the content that you want.

  4. Select the relevant filters and click Apply filters.
  5. Select the threat to assign the risk areas.
  6. Click the More More icon icon and select Assign risk area.
  7. Assign risk areas from the available list of risk areas. Risk Manager provides a set of standard risk areas.
    1. Click the relevant risk areas from the list.
  8. Create a risk area and assign it to the selected threat.
    1. Click Create risk area.
    2. In the Create/Edit risk area window, specify a name and description for the risk area.
    3. Click Create risk area.
      The risk area that you created is listed in the Assign risk areas window.
    4. Click the risk area that you created.
  9. Click Assign risk area(s).