https://communities.sas.com/t5/SAS-Risk-Management/Risk-Assessment-workflow-in-Governance-and-Compliance-Manager/m-p/971625#M541 <P>the second approach is the likely more effective approach. Building your inventory of assets, risks, controls, threats etc, allows you to reuse those for assessments and builds up a history of where those are used for further analysis later on.&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>Hope that helps!</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 29 Jul 2025 12:00:53 GMT KPotter 2025-07-29T12:00:53Z https://communities.sas.com/t5/SAS-Risk-Management/Risk-Assessment-workflow-in-Governance-and-Compliance-Manager/m-p/971427#M540 <P>Hi,</P><P>I am a new user on Governacne &amp; Compliance Manager. We are considering following two approaches to standardize our regular risk assessments.</P><P>&nbsp;</P><P>1. Collect asset information against each risk assessment activity and add risks, threats and vulnerabilities against each risk assessment every time and evaluate control effectiveness. In this approach risks, assets, and vulnerabilities might have duplications, but we can start with tiny steps.</P><P>&nbsp;</P><P>2. Collect complete asset inventory, potential risks, threats and vulnerabilities and upload into the system. For each risk assessment we can select associated assets, risks, threats and vulnerabilities from already uploaded data and evaluate control effectiveness against each risk assessment exercise.</P><P>&nbsp;</P><P>Can someone please guide what is the right approach to move forward with a consistent and sustainable approach.</P><P>Thanks,&nbsp;</P> Thu, 24 Jul 2025 08:15:24 GMT https://communities.sas.com/t5/SAS-Risk-Management/Risk-Assessment-workflow-in-Governance-and-Compliance-Manager/m-p/971427#M540 MohsinRaza 2025-07-24T08:15:24Z https://communities.sas.com/t5/SAS-Risk-Management/Risk-Assessment-workflow-in-Governance-and-Compliance-Manager/m-p/971625#M541 <P>the second approach is the likely more effective approach. Building your inventory of assets, risks, controls, threats etc, allows you to reuse those for assessments and builds up a history of where those are used for further analysis later on.&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>Hope that helps!</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 29 Jul 2025 12:00:53 GMT https://communities.sas.com/t5/SAS-Risk-Management/Risk-Assessment-workflow-in-Governance-and-Compliance-Manager/m-p/971625#M541 KPotter 2025-07-29T12:00:53Z https://communities.sas.com/t5/SAS-Risk-Management/Risk-Assessment-workflow-in-Governance-and-Compliance-Manager/m-p/971669#M542 Thanks KPotter Wed, 30 Jul 2025 06:32:50 GMT https://communities.sas.com/t5/SAS-Risk-Management/Risk-Assessment-workflow-in-Governance-and-Compliance-Manager/m-p/971669#M542 MohsinRaza 2025-07-30T06:32:50Z