RISK-001 Operational
Critical
Compromise of Administrator Credentials

Risk of administrator credentials being compromised via phishing, brute force, or leaks.

Inherent 20
Residual 20
Mitigating None 4
RISK-002 Operational
Critical
Privilege Accumulation (Privilege Creep)

Users accumulate access privileges over time without proper review.

Inherent 15
Residual 15
Open 2
RISK-003 Operational
Critical
Data Exfiltration by Former Employees

Risk of former employees accessing systems after termination.

Inherent 15
Residual 15
Open None 2
RISK-004 Operational
Critical
Lateral Movement via Local Administrator

Attackers use shared local administrator passwords to move across the network.

Inherent 16
Residual 16
Open 2
RISK-005 Operational
Critical
Lack of Visibility into Suspicious Activities

Absence of adequate monitoring prevents threat detection.

Inherent 16
Residual 16
Open 3
RISK-006 Operational
High
MFA Bypass via Legacy Protocols

Attackers use protocols like IMAP/POP3 to bypass MFA.

Inherent 12
Residual 12
Open 1
RISK-007 Operational
Critical
Service Account Compromise

Service accounts with static credentials are easy targets.

Inherent 16
Residual 16
Open 2
RISK-008 Operational
High
Malicious OAuth Applications

Users grant excessive permissions to malicious applications.

Inherent 12
Residual 12
Open 1
RISK-009 Operational
Critical
Accountability Failure (Accountability)

Absence of a clear audit trail makes it difficult to hold administrative actions accountable to the ...

Inherent 15
Residual 15
Open 3
RISK-010 Operational
Critical
Conflicts of Interest due to Privileged Access

Unsegregated privileged access can enable conflicts of interest and fraud.

Inherent 15
Residual 15
Open 3
RISK-011 Strategic
High
Weaknesses in federation and third-party access due to inadequate MFA

Federated administrative accounts (partners, providers) or external users with elevated roles may au...

Inherent 12
Residual 12
Open 1
RISK-012 Operational
Medium
Operational unavailability due to MFA/IdP failures or token loss

Exclusive reliance on FIDO2/CBA without contingency planning can block operations in the event of ke...

Inherent 8
Residual 8
Open 1
RISK-013 Operational
Critical
MFA bypass via legacy protocols and uncovered flows

If phishing-resistant MFA (FIDO2/CBA) is not applied uniformly, endpoints that do not support MFA (e...

Inherent 15
Residual 15
Open 1