The Portfolio Risk Matrix is a card in the Portfolio Dashboard [ Dashboard] of the Continuous Monitoring application. Use it to quickly identify high concentrations of risk and prioritize action accordingly.
Setup
Requires 10 or more subscriptions among your total Total Risk Monitoring and Risk Monitoring quota.
Use the Edit Tiers and Thresholds link at the top-right of the Portfolio Risk Matrix card to set a tier’s risk thresholds according to your organization’s risk tolerance.
If the Portfolio Risk Matrix is unavailable, ensure you have configured your third parties into tiers. The fully customizable tiering and risk threshold capabilities support varying policy standards.
The starting thresholds vary based on correlation to breach statistics. This can help identify critical risk and adapt your process to focus on what matters most. Adjust the starting thresholds and add new thresholds from the Tier Settings page [ Risk Program Setup ➔ Tier Settings].
Interpretation
Tiers are organized based on criticality and security risk. They can be used as filters to drive alerts on security ratings or risk vector grades and can be accessed from your portfolio menu, just like the folder functionality.
Recommendation: Prioritize your remediation and outreach efforts for the companies in the Escalate category and work towards the companies in the Monitor category. This ensures a strategic and efficient way to collaborate with your third parties for improving their risk posture.
- March 7, 2025: Navigation instructions; Organized into sections; Section shortcuts.
- November 12, 2021: Added where to access the Portfolio Risk Matrix; “Manage Tiers” page renamed to “Tier Settings” page and linked to resource.
- June 2, 2020: Published.
Feedback
0 comments
Please sign in to leave a comment.