Risk Assessment
On This Page
Overview
The Risk assessment helps you understand the potential cost exposure for the scanned content. This is based on the Cost per incident value added to the policy tracking groups. If no cost was added, the values will be 0.
Risk Exposure and Cost
The first section of the report provides an overview of the risk exposure and cost exposure. By default, the graph displays information about file counts. You can view the data by file size if preferred.
Critical and high-risk files are shown in red, and medium-risk files are shown in yellow. The darker shades represent the unremediated data (data against which no action has been taken), and the lighter shades represent the remediated data (data that has been handled by an action on the policy). When you hover over a section of the graph, it displays the risk level, the total number of remediated and unremediated files in this group (or the total size, depending on the filter), and the percentage of the total content the files represent.
The values in the graph are used to calculate the three values at the top of the page. The first value identifies the total number of critical or high-risk files. Again, this information is displayed in red in the graph.
The next value identifies the percentage of the files remediated by the policy actions. This is calculated by dividing the total number of remediated critical and high-risk files by the total number of critical and high-risk files (both remediated and not remediated). The Exposure level is determined by this percentage.
Remediated % | Exposure level |
|---|---|
>66% | Low |
Between 33-66% | Medium |
Below 33% | High |
The cost exposure values under the Exposure level are calculated based on the Cost per incident value set for each tracking group. Cost savings are based on the remediated files (number of remediated files x cost per incident for the corresponding tracking group), and cost exposure is based on the unremediated files (classified files - remediated files) and their potential cost.
Risk History
The second chart shows the risk exposure history. By default, it shows the data for the critical risk level, but you can select a different risk level from the filter list if preferred. Use the arrows next to the date to scroll through the dates and view the risk assessment for other periods. This helps you visualize how the risk level has changed, so you can better manage your data governance. You can hover on any date in the graph to see the file breakdown for that period.