Case studyFortune 100: 80% less compliance workRead the Story
RiskWatch
Risk support · documentation

Customize Fields for Risk Assessment Product Application

Welcome to the Customize Fields of our Risk Assessment application! This feature allows users to edit the Customized data and these changes reflected in the application. This guide will walk you through the functionality and capabilities of the Customize fields in detail.

Updated 2026-05-14DocumentationRiskWatch platform

What is the Customize Fields for Risk Assessment Product Application module in RiskWatch?

Welcome to the Customize Fields of our Risk Assessment application! This feature allows users to edit the Customized data and these changes reflected in the application. This guide will walk you through the functionality and capabilities of the Customize fields in detail. It sits inside the RiskWatch risk workspace and shares its data with assessments, the evidence vault, and the audit-pack export so a single change updates every downstream view.

How do I use the Customize Fields for Risk Assessment Product Application screen?

Open the RiskWatch app, navigate to the Customize Fields for Risk Assessment Product Application module from the main menu, and apply the filters or actions described in the guide below. Permissions follow your role profile, so admins see configuration, assessors see workflow actions, and viewers see read-only data. Saved views and filters persist per user across sessions.

Key concepts in this module
Overview of Customize fieldsAccessing Customize fields ModuleRisk IDRisk ID fieldRisk Template ConfigurationRisk Title

User Guide: Customize Fields for Risk Assessment Product Application

Welcome to the Customize Fields of our Risk Assessment application! This feature allows users to edit the Customized data and these changes reflected in the application. This guide will walk you through the functionality and capabilities of the Customize fields in detail. 

  1. Overview of Customize fields :

This section allows you to customize the names of some of the fields to match the vocabulary within your organization. You can also adjust the thresholds of your Risk Levels for audit Assessments and how your scores are calculated. 

Following are the Customize fields:

  1. Risk Template Configuration
  2. Risk Levels 
  3. Custom fields For Additional Information 
  4. Accessing Customize fields Module :

Customize fields screen is accessible for Admin role. 

To Access Customize fields, follow below steps 

  1. Navigate to Main Menu 
  2. Go to Settings 
  3. Go to Customize fields 
  4. What is Risk Template Configuration in customize fields in Risk assessment product?
  • A Risk Template Configuration Template is a customizable framework used to define which fields, categories, and inputs are included in risk assessment forms or records. It helps organizations standardize how risks are documented across different teams, projects, or business units.
  • Fields available in Risk Template configuration are as follows:
  • Risk ID: The Risk ID field in a Risk Template Configuration within a Risk Assessment product is a unique identifier assigned to each risk entry in the system. It plays a critical role in tracking, referencing, and managing individual risks throughout their lifecycle.
  • When user click on edit icon in risk id column user can change label name for this risk id. Updated name should be displayed on the application.
  • When user enable visibility icon for risk Id that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just risk id field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Risk Title: The Risk Title field in a Risk Template Configuration within a Risk Assessment product is a required descriptive field used to name or label a specific risk. It gives a concise, readable summary of the risk being assessed.
  • When user click on edit icon in risk title column user can change label name for this risk id. Updated name should be displayed on the application.
  • When user enable visibility icon for risk title that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just risk title field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Risk Name: The Risk Name field in a Risk Template Configuration within a Risk Assessment product is typically another term for "Risk Title", but depending on the system or organization, it may have a slightly different usage or format.
  • When user click on edit icon in risk name column user can change label name for this risk id. Updated name should be displayed on the application.
  • When user enable visibility icon for risk name that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just risk name field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Description: The Description field in a Risk Template Configuration within a Risk Assessment product is a free-text field used to provide a detailed explanation of the identified risk. It gives context beyond the Risk Name or Risk Title, helping stakeholders fully understand the nature, cause, and potential impact of the risk.
  • When user click on edit icon in Description column user can change label name for this description. Updated name should be displayed on the application.
  • When user enable visibility icon for Description that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just description field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Source OF Risk: The "Source of Risk" field in a Risk Template Configuration within a Risk Assessment product is used to identify the origin or cause of a risk. It helps classify where the risk is coming from, which is essential for understanding, analyzing, and mitigating the risk effectively.
  • When user click on edit icon in Source of Risk column user can change label name for this description. Updated name should be displayed on the application.
  • When user enable visibility icon for Risk Column that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just description field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Risk Category: The Risk Category field in a Risk Template Configuration within a Risk Assessment product is used to classify risks into logical groupings or types based on their nature, origin, or area of impact. This field helps organizations organize, analyze, and report on risks consistently.
  • When user click on edit icon in Risk Category column user can change label name for this description. Updated name should be displayed on the application.
  • When user enable visibility icon for Risk Column that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just description field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Risk Owner: In a risk assessment product, particularly within risk template configuration, the term "Risk Owner" refers to the individual or entity responsible for managing and monitoring a specific risk.
  • When user click on edit icon in Risk Owner column user can change label name for this description. Updated name should be displayed on the application.
  • When user enable visibility icon for Risk Column that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just description field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Status: In a risk template configuration, the "Status" field represents the current stage or condition of a risk within the risk assessment lifecycle. It is a key field used to track progress, monitor activity, and support decision-making throughout risk management.
  • When user click on edit icon in Risk Owner column user can change label name for this description. Updated name should be displayed on the application.
  • When user enable visibility icon for Risk Column that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just description field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • DepartmentTeamOwner: In a risk template configuration, the "Department Team Owner" field refers to the specific business unit, team, or department that owns or is primarily responsible for the risk. This is different from an individual Risk Owner—it’s about organizational accountability rather than personal responsibility.
  • When user click on edit icon in Department Team Owner column user can change label name for this description. Updated name should be displayed on the application.
  • When user enable visibility icon for Risk Column that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just description field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • Severity: In a risk template configuration, the "Severity" field represents the level of potential impact a risk could have on your organization if it occurs. It is one of the core attributes used to evaluate and prioritize risks, often used alongside Likelihood to calculate overall Risk Level or Risk Score.
  • When user click on edit icon in Department Team Owner column user can change label name for this description. Updated name should be displayed on the application.
  • When user enable visibility icon for Risk Column that field should be displayed on the page.
  • When user check mandatory then this field should be displayed on the application and when user uncheck this mandatory field just description field should be displayed on the application.
  • When user click on tick mark icon in action and updated changes should be displayed on the page.
  • When user click on cross icon in action column existing data should be displayed on the page & application.
  • How many risk template fields we have in risk assessment product?
  • In risk assessment product we have 3 risk template and those are mentioned below:
  • Likelihood/Impact
  • Confidentiality/ Integrity/ Availability
  • Asset/Threat/Vulnerability
  1. What likelihood/Impact metrics in risk template configuration is in customizes fields in risk assessment product?
  • In a risk template configuration, the "Likelihood/Impact metrics" are customizable fields used to evaluate the level of risk by assessing:
  • Likelihood (how probable the risk is), and
  • Impact (how severe the consequences would be if it occurs).
  • Together, these two metrics are the foundation of qualitative or semi-quantitative risk assessment, often used to calculate a risk score or risk rating.
  • Check whether when user select likelihood/impact metrics and ratings as ”default from settings” or custom from questionnaires below fields should be displayed:
  • Rating
  • Likelihood
  • Impact
  • Inherent risk: Impact * Likelihood +Compliance Gap Score
  • Residual Risk: Residual Impact * Residual Likelihood +Compliance Gap Score.
  • When user click on action column and user can change label name and updated label name should be displayed in application.
  1. What is Confidentiality/Integrity/Availability metrics in risk template configuration is in customizes fields in risk assessment product?
  • When setting up a risk template, tracking CIA metrics is essential for:
  • Quantifying potential impacts on each dimension (e.g., high impact if confidentiality is lost vs. moderate if availability is impacted) .
  • Enabling balanced risk analysis (e.g., encrypting data may improve confidentiality but might slow access, affecting availability)
  • Check whether when user select Confidentiality/Integrity/Availability metrics and ratings as ”default from settings” or custom from questionnaires below fields should be displayed:
  • Rating
  • Confidentiality
  • Integrity
  • Availability
  • Likelihood
  • Impact
  • Inherent risk: Impact * Likelihood +Compliance Gap Score
  • Residual Risk: Residual Impact * Residual Likelihood +Compliance Gap Score.
  • When user click on action column and user can change label name and updated label name should be displayed in application.
  1. What is Asset/Threat/Vulnerability metrics in risk template configuration is in customizes fields in risk assessment product?
  • In a risk assessment product, an Asset/Threat/Vulnerability (ATV) template is a structured configuration used to model and evaluate security risks by linking
  • Asset:

These are the things you're trying to protect:

Examples: servers, databases, applications, intellectual property, customer data.

Typical fields:

  • Asset Name / ID
  • Asset Type
  • Criticality / Business Value
  • Confidentiality / Integrity / Availability ratings

Threats

Threats are potential events or actors that could exploit vulnerabilities to harm assets:

Examples: malware, insider threats, phishing, physical theft, ransom ware.

Typical fields:

    • Threat Type / Source
    • Likelihood (Low–High or 1–5)
    • Motivation or Capability (optional)
  • Check whether when user select Asset/Threats/Vulnerability metrics and ratings as only ”default from settings” or below fields should be displayed:
  • Asset
  • Threat
  • Vulnerability
  • Likelihood
  • Impact
  • Inherent risk: Impact * Likelihood +Compliance Gap Score
  • Residual Risk: Residual Impact * Residual Likelihood +Compliance Gap Score.
  1. Editing Risk Levels :
  • Risk Levels section, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Risk Level 1 to Risk Level 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in risk level section.
  1. Editing Likelihood Levels:
  • Likelihood levels, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Impact Level 1 to Impact Level 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in risk level section.
  1. Editing Risk Priority Levels :
  • In risk management, the priority levels of a risk are determined by its risk score. The risk with the highest score is ranked first, and so on. Risk prioritization is the process of analyzing risks to determine which ones is the highest priority and need to be addressed first. 

Priority Risk level will be used to assign priority for automated Tasks. 

  • In Risk Priority Levels section, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk Property level fields are available from Risk Priority Level 1 to Risk Priority Level 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in risk level section.
  1. Edit Control Effectiveness Levels :
  • Control Effectiveness levels, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Control Effectiveness 1 to Impact Level 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in risk level section.
  1. Edit Asset Criticality Levels :
  • Asset Criticality Levels , it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Criticality Level 1 to Criticality Level 10. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.
  1. Edit Threat Rating Levels :
  • Threat Rating Levels , it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Rating 1 to Rating 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.
  1. Edit Impact Levels :
  • Impact Levels , it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Impact Level 1 to Impact Level 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.

  1. Edit Confidentiality Levels :
  • Confidentiality Levels, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Impact Confidentiality 1 to Confidentiality 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.
  1. Edit Availability Rating Levels :
  • Availability Rating Levels, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Impact Availability Rating Levels 1 to Availability Rating Levels 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.
  1. Edit Integrity Rating Levels :
  • Integrity Rating Levels, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Impact Integrity Rating 1 to Integrity Rating 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.
  1. Edit Vulnerability Rating Levels :
  • Vulnerability Rating Levels, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Impact Vulnerability Rating 1 to Vulnerability Rating 5. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.
  1. Edit Criticality Levels :
  • Criticality Levels, it consists of Risk Field Name, Label Name, Value, Color, Action and Visible columns.
  • When selected Action icon, Label name, Value and Color fields can be edited. 
  • When user update above values and click on save updated values should be displayed on the application.
  • Risk fields names are available from Impact Criticality Level 1 to Criticality Level 11. Following columns names values can be changed using Action column. 
  • Label name 
  • Value 
  • Colour 
  • ‘Visible’ toggle column should be in disabled mode in Asset Criticality Levels section.
  1. What events are in Risk Level tab in customizing fields sub module in settings module? 
  • Events section will capture all changes done by user on Risk Levels tab screen. 
  • In events section below fields should be displayed: 
  1. Search Field: When user enters related text in events search field if entered text is matching then data should be displayed on the page. If no data available on the page “No records found” message should be displayed on the page. 
  2. Click here to view/hide details: When user click on click here to view icon columns popup should be displayed. When user unchecks any column that column should not be displayed on the page. Checked data should be displayed on the page. 
  3. Excel Export: When user clicks on excel export link excel sheet should be downloaded successfully. 
  4. In events screen we will capture below operations done by an end user:
  • Create
  • Update
  • Delete
  • In events sections in risk level tab below columns should be displayed on the page:
  • Action Performed: Which operation done by user like create, Update & Delete those records should be displayed in this column.
  • Performed By: Which user performed those users email id should be displayed in this column data.
  • Module: In this column on which module user performed actions those data should be displayed on this page.
  • Action Date: In this column on which date user has performed operation should be displayed on this page.
  • View Details: Check whether when user click on icon in view details icon audit info popup should be displayed on this page.
  1. Custom Fields For Additional Information :
  • Custom fields can be added Facility and Audit Register, added Custom fields will be displayed in Facility and Audit Register screens. 
  • In this section, two items added in the filter list :
  • Risk Template
  • Facility
  • Users
  • Tasks
  • When User selects Risk Template and click on ‘Add Custom Fields’, new added custom popup should be displayed on the page with below fields:
  • Field Name: This field is mandatory.
  • Field Type: It is dropdown field contains below data: field contains below data:
  • Text
  • Number
  • Date
  • File
  • Currency
  • When user enter field name & select field type and when click on save that field should be displayed in that particular selected screen.
  • When user click on cancel button in popup then popup should be disappeared.
  • When User selects Facility and click on ‘Add Custom Fields’, new added custom popup should be displayed on the page with below fields:
  • Field Name: This field is mandatory.
  • Field Type: It is dropdown field contains below data: field contains below data: This Field is mandatory
  • Text
  • Number
  • Date
  • File
  • Currency
  • Text Area
  • Facility Type: This field is mandatory.
  • When user enter field name, select field type And Facility Type and when click on save that field should be displayed in that particular selected screen.
  • When user click on cancel button in popup then popup should be disappeared.
  • When User selects Users and click on ‘Add Custom Fields’, new added custom popup should be displayed on the page with below fields:
  • Field Name: This field is mandatory.
  • Field Type: It is dropdown field contains below data: field contains below data:
  • Text
  • Number
  • Date
  • File
  • Currency
  • When user enter field name & select field type and when click on save that field should be displayed in that particular selected screen.
  • When user click on cancel button in popup then popup should be disappeared.
  • When User selects Tasks and click on ‘Add Custom Fields’, new added custom popup should be displayed on the page with below fields:
  • Field Name: This field is mandatory.
  • Field Type: It is dropdown field contains below data: field contains below data:
  • Text
  • Number
  • Date
  • File
  • Currency
  • When user enter field name & select field type and when click on save that field should be displayed in that particular selected screen.
  • When user click on cancel button in popup then popup should be disappeared.
  1. What events are in custom fields for additional information tab in customizing fields sub module in settings module? 
  • Events section will capture all changes done by user on custom fields for additional information tab screen. 
  • In events section below fields should be displayed: 
    1. Search Field: When user enters related text in events search field if entered text is matching then data should be displayed on the page. If no data available on the page “No records found” message should be displayed on the page.
    2.  Click here to view/hide details: When user click on click here to view icon columns popup should be displayed. When user unchecks any column that column should not be displayed on the page. Checked data should be displayed on the page. 
    3. Excel Export: When user clicks on excel export link excel sheet should be downloaded successfully. 
  • In events screen we will capture below operations done by an end user:
  • Create
  • Update
  • Delete
  • In events sections in risk level tab below columns should be displayed on the page:
  • Action Performed: Which operation done by user like create, Update & Delete those records should be displayed in this column.
  • Performed By: Which user performed those users email id should be displayed in this column data.
  • Module: In this column on which module user performed actions those data should be displayed on this page.
  • Action Date: In this column on which date user has performed operation should be displayed on this page.
  • View Details: Check whether when user click on icon in view details icon audit info popup should be displayed on this page.

Common questions about Customize Fields for Risk Assessment Product Application

What does the Customize Fields for Risk Assessment Product Application module integrate with?+

The Customize Fields for Risk Assessment Product Application screen shares records with the rest of the RiskWatch risk suite: Overview of Customize fields, Accessing Customize fields Module, Risk ID, Risk ID field, plus the cross-mapping engine that connects risk controls to other frameworks like ISO 27001, SOC 2, HIPAA, NIST 800-53, and PCI DSS. There is nothing to wire up, the integrations are native.

Where does the Customize Fields for Risk Assessment Product Application fit in the RiskWatch risk workflow?+

It is one of 27 screens that make up the Risk module. Most teams reach it from the risk dashboard while running an assessment or reviewing posture. See the related-topics sidebar for the workflows it feeds into and the upstream screens that feed it.

References and related standards

Standards and references the Customize Fields for Risk Assessment Product Application module aligns with, plus related RiskWatch documentation.

Stuck on this workflow?

Talk to support, or have a solutions engineer walk you through the workflow on your tenant.

Contact supportBook a walkthrough
All Risk support topics
Request a Demo