Create a new risk from an incident

Path Parameters

id

required

integer format: int64

The ID of the incident to create a risk for

Example

201

Risk created

This struct is used to represent both OrgRisks and KeyRisks. It is used to display risks in the Risk Register

object

assigned_to

One of:

null
object

null

AKRs: assigned_to_id on org_key_risk_history OrgRisks: assigned_to_id on risk_history

object

email

required

string

first_name

required

string

icon

string | null format: image/png

Example

https://picsum.photos/200

id

required

string format: uuid

last_name

required

string

closed_date

AKRs: closed_date on org_key_risk_history OrgRisks: closed_date on risk_history

string | null format: date-time

comments

required

Risk_comment

integer format: int64

control_statement

The control statement for the risk

string | null

created_date

required

AKRs: the created_date is derived from created_date on org_key_risk_history. OrgRisks: created_date on risk

string format: date-time

description

required

KeyRisk: key_risk_history OrgRisk: risk_history

string

discovered_date

required

AKRs: discovered_date on org_key_risk_history OrgRisks: discovered_date on risk_history

string format: date-time

due_date

AKRs: due_date on org_key_risk_history OrgRisks: due_date on risk_history

string | null format: date-time

expected_date

AKRs: expected_date on org_key_risk_history OrgRisks: expected_date on risk_history

string | null format: date-time

id

required

string

Example

RSK-00001

impact

One of:

null
string

null

impact_analysis

The impact analysis for the risk (for AI scoring analysis)

string | null

incident_associations

required

Associations to incident based on the incident_risk_assoc table

Array<string>

Example

INC-00001

initially_reported_urgency

One of:

null
string

null

likelihood

One of:

null
string

null

likelihood_analysis

The likelihood analysis for the risk (for AI scoring analysis)

string | null

opened_by

One of:

null
object

null

AKRs: none OrgRisks: opened_by_id on risk_history

object

email

required

string

first_name

required

string

icon

string | null format: image/png

Example

https://picsum.photos/200

id

required

string format: uuid

last_name

required

string

remediation_task

The task to remediate the risk

string | null

source

KeyRisk: AKR_SOURCE, OrgRisk: risk_history

string | null

status

required

KeyRisk: org_key_risk_history OrgRisk: risk_history

string

Allowed values: New Urgency Proposed Remediation Closure Proposed Closed

tags

required

The tags applied to the risk

Array<object>

object

content

required

string

creator_id

required

string format: uuid

id

required

string format: uuid

org_id

string | null format: uuid

threat_objectives

required

AKRs: key_risk_threat_objective OrgRisks: risk_threat_objective

Array<object>

A relational struct that has a threat objective type and its relevancy to a risk.

object

created_date

The time that this relation was mutated

string | null format: date-time

relevance

One of:

null
string

null

threat_objective

required

The threat objective type

string

Allowed values: Sabotage Data Disclosure Extortion Customer Targeting Resource Hijacking Fraud

title

required

KeyRisk: key_risk_history OrgRisk: risk_history

string

type

required

KeyRisk: key_risk_history, OrgRisk: risk_history

string

Allowed values: Code Configuration Control Deficiency Policy Procedural Vulnerability Third-party

updated_date

required

AKRs: updated_date on org_key_risk_history OrgRisks: created_date on risk_history

string format: date-time

404

Incident not found

Create a new risk from an incident

Parameters

Path Parameters

Example

Responses

201

Example

Example

Example

Example

404