Work Item Types

Type ID	Label	Icon	Role in TARA
`taraRecord`	TARA Record	type_risk.gif	Core risk assessment record — one per threat path
`cybersecurityGoal`	Cybersecurity Goal	type_requirement.gif	High-level objective derived from risk assessment (Clause 15)
`systemElement`	System Element	testrun_status_open1.png	Physical or logical component under analysis
`threatScenario`	Threat Scenario	MAN_project_monitoring_and_control.gif	Named threat grouping attack paths
`riskControl`	Risk Control	build_OK.png	Countermeasure that mitigates a TARA record
`stakeholder`	Stakeholder	req_status_accepted.gif	Entity affected by cybersecurity threats
`sysReq`	Requirement	type_purple_feature.png	Specifies system behavior (default type)
`testCase`	Test Case	type_purple_testcase.png	Verifies a requirement

TARA Record (taraRecord) — 15 custom fields covering CIAx property, damage scenario, 5-factor attack feasibility, risk verdict, treatment choice and status, claims, and threat path. Cybersecurity Goal (cybersecurityGoal) — CAL assignment, CIAx property, asset, and rationale fields. System Element (systemElement) — Element type hierarchy (system, subsystem, component) and status tracking. Threat Scenario (threatScenario) — Shared catalog entries referenced by TARA records via the hasThreatScenario link role. Risk Control (riskControl) — Control type classification and linkage via the mitigates role. Stakeholder (stakeholder) — Shared catalog entries referenced via the hasStakeholder link role.

TARA record fields are marked read-only in the default Polarion form layout. All editing is done exclusively through the Risksheet interface.

Link Roles and Traceability — how work item types connect
Data Model and Work Item Types — conceptual overview
Enumerations — enum values for all typed fields

Getting Started

Concepts

How-To Guides

Reference

FAQ

Getting Started

Concepts

How-To Guides

Reference

FAQ

​Related

Related