Purpose
Risk controls capture the specific technical or procedural measures applied to reduce, avoid, or share cybersecurity risk. Each risk control links to one or more TARA records via the mitigates link role and is classified by control type following the IEC/ISO safety hierarchy (Inherent Safety Design, Protective Measure, Information for Safety).
Work Item Identity
| Property | Value |
|---|---|
| Type ID | riskControl |
| Label | Risk Control |
| Icon | build_OK.png |
| Tracker Prefix | TR |
| Form Layout | riskControl-form-layout.xml |
| Risksheet Role | Task type (linked via mitigates role, displayed as “Risk Control”) |
Custom Fields
| Field ID | Name | Type | Description |
|---|---|---|---|
| riskControlType | RiskControlType | enum:riskControlType (multi-select) | Classifies the control by type. Supports multiple simultaneous values, allowing a single control to span multiple categories. |
Risk Control Type Enum Values
The riskControlType enumeration follows the IEC/ISO safety hierarchy:
| Enum ID | Label | Sort Order | Description |
|---|---|---|---|
| inherentSafetyDesign | Inherent Safety Design | 0 | Eliminates or reduces hazards through fundamental design choices. Preferred approach per ISO/SAE 21434 secure-by-design principles. |
| protectiveMeasure | Protective Measure | 1 | Add-on safeguards (firewalls, encryption, IDS) that reduce likelihood or impact without changing the fundamental design. |
| informationForSafety | Information for Safety | 2 | Warnings, instructions, training, or procedural guidance about residual risks. Last-resort tier in the control hierarchy. |
protectiveMeasure and informationForSafety).
Link Roles
Outgoing Links
| Role ID | Forward Label | Target Type | Description |
|---|---|---|---|
| mitigates | Mitigates | taraRecord | Primary TARA link. Connects this control to the threat/risk it addresses. |
Incoming Links
| Role ID | Reverse Label | Source Type | Description |
|---|---|---|---|
| implements | is Implemented by | task, sysReq | Tasks or requirements that implement this control. Dual rule: task -> riskControl and sysReq -> riskControl. |
Traceability Chain
The risk control sits in the Control Track of the traceability chain: a TARA record is mitigated by one or more risk controls (via mitigates), and each risk control is in turn implemented by tasks or system requirements (via implements). The mitigates link is the core Risksheet task link type; in the Risksheet configuration, riskControl is defined as the task type.
Risksheet Integration
Risk controls appear in the Risksheet through two columns:
| Column ID | Header | Type | Group | Description |
|---|---|---|---|---|
| task | Control ID | taskLink | Controls | Links to riskControl work items via the mitigates role. Displays the control’s work item ID. |
| taskTitle | Control | text (bindings: task.title) | Controls | Displays the title of the linked risk control. collapseTo=true for compact view. |
Goal Highlight Decorator
When treatmentChoice is reducing or avoiding on a TARA record, the goalHighlight decorator checks whether a cybersecurity goal is linked. Similarly, the presence or absence of linked risk controls drives the treatment completeness indicators in the Risksheet: a record whose treatment is reducing or avoiding but has no mitigating control is flagged as incomplete.
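As an added example (this is not code from the tool or from the page's own configuration), the following Python script models the link rules and the treatment completeness rule described above and runs them over a constructed set of work items. The WorkItem class, the (roleId, targetId) tuple representation of links, the finding messages, and the sample IDs are all assumptions made for illustration; the role IDs, type IDs, enum values and treatmentChoice values reducing/avoiding are taken from this page.

```python
from dataclasses import dataclass, field

# Enum values and their hierarchy sort order as documented on this page (0 = preferred tier).
RISK_CONTROL_TYPES = {"inherentSafetyDesign": 0, "protectiveMeasure": 1, "informationForSafety": 2}
# treatmentChoice values that require at least one linked risk control.
TREATMENTS_NEEDING_CONTROLS = {"reducing", "avoiding"}


@dataclass
class WorkItem:
    """Hypothetical minimal work item model (assumption, not the tool's data model)."""
    id: str
    type: str                                   # taraRecord | riskControl | task | sysReq
    fields: dict = field(default_factory=dict)  # custom fields, e.g. riskControlType, treatmentChoice
    links: list = field(default_factory=list)   # outgoing links as (roleId, targetId)


def check_risk_controls(items):
    """Return a list of (workItemId, message) findings; an empty list means the model is consistent."""
    by_id = {wi.id: wi for wi in items}
    findings = []
    for wi in items:
        for role, target in wi.links:
            tgt = by_id.get(target)
            if role == "mitigates":
                # mitigates is an outgoing link from riskControl to taraRecord only.
                if wi.type != "riskControl":
                    findings.append((wi.id, "mitigates link from non-riskControl"))
                if tgt is None or tgt.type != "taraRecord":
                    findings.append((wi.id, f"mitigates target {target} is not a taraRecord"))
            elif role == "implements":
                # Dual rule: task -> riskControl and sysReq -> riskControl.
                if wi.type not in ("task", "sysReq"):
                    findings.append((wi.id, "implements link from non-task/sysReq"))
                if tgt is None or tgt.type != "riskControl":
                    findings.append((wi.id, f"implements target {target} is not a riskControl"))
        if wi.type == "riskControl":
            types = wi.fields.get("riskControlType", [])
            if not types:
                findings.append((wi.id, "riskControlType not set"))
            for t in types:
                if t not in RISK_CONTROL_TYPES:
                    findings.append((wi.id, f"unknown riskControlType {t}"))
            if not any(r == "mitigates" for r, _ in wi.links):
                findings.append((wi.id, "no mitigates link to a TARA record"))
            if not any(("implements", wi.id) in other.links for other in items):
                findings.append((wi.id, "not implemented by any task or sysReq"))
    # Treatment completeness: every reducing/avoiding TARA record needs a mitigating control,
    # and a record covered only by the last-resort tier is worth a warning.
    for tara in items:
        if tara.type != "taraRecord" or tara.fields.get("treatmentChoice") not in TREATMENTS_NEEDING_CONTROLS:
            continue
        controls = [c for c in items if c.type == "riskControl" and ("mitigates", tara.id) in c.links]
        if not controls:
            findings.append((tara.id, "treatmentChoice requires a risk control but none is linked"))
            continue
        best_tier = min((RISK_CONTROL_TYPES.get(t, 99) for c in controls
                         for t in c.fields.get("riskControlType", [])), default=99)
        if best_tier == RISK_CONTROL_TYPES["informationForSafety"]:
            findings.append((tara.id, "relies only on informationForSafety controls"))
    return findings


def sample_items():
    """Constructed sample data for the checks above (not from any real project)."""
    return [
        WorkItem("TARA-1", "taraRecord", {"treatmentChoice": "reducing"}),
        WorkItem("TARA-2", "taraRecord", {"treatmentChoice": "reducing"}),
        WorkItem("TARA-3", "taraRecord", {"treatmentChoice": "avoiding"}),
        WorkItem("TARA-4", "taraRecord"),  # no treatment decided yet, so no control is required
        WorkItem("TR-1", "riskControl", {"riskControlType": ["inherentSafetyDesign", "protectiveMeasure"]},
                 [("mitigates", "TARA-1")]),
        WorkItem("TR-2", "riskControl", {"riskControlType": ["informationForSafety"]}, [("mitigates", "TARA-2")]),
        WorkItem("TR-3", "riskControl", {"riskControlType": ["firewall"]}),  # bad enum value, unlinked
        WorkItem("T-1", "task", {}, [("implements", "TR-1")]),
        WorkItem("SR-1", "sysReq", {}, [("implements", "TR-1"), ("implements", "TR-2")]),
        WorkItem("T-2", "task", {}, [("implements", "TARA-1")]),  # violates the dual rule's target type
    ]


if __name__ == "__main__":
    for item_id, message in check_risk_controls(sample_items()):
        print(f"{item_id}: {message}")
```

Running the script lists the inconsistent items (TR-3, T-2, TARA-2 and TARA-3 in the sample) while the fully traced TR-1 / TARA-1 chain produces no findings; the same checks can be run against an export of real work items before a Risksheet review.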
Workflow
The riskControl type follows the general work item workflow:
| State | Color | Description |
|---|---|---|
draft | #3366FF | Initial state after creation. |
inReview | #FFFF99 | Submitted for review. |
pendingApproval | #FFFF33 | Awaiting formal sign-off. |
approved | #66FF66 | Formally approved. |
rejected | #FF3300 | Rejected. Requires rework. |
obsolete | — | No longer active. |
Lucene Queries
Form Layout Notes
The riskControl-form-layout.xml layout exposes:
- Standard fields: Title, Description, Status, Priority
- Custom field: riskControlType (multi-select)
- Linked items section showing TARA records (via mitigates) and implementing requirements/tasks (via implements)
Related Pages
- TARA Record (taraRecord) — the risk assessment record mitigated by controls
- Risk Control Type — detailed control type enumeration
- Define Risk Treatment — how-to guide for treatment decisions
- Add Risk Controls and Link to TARA Records — how-to guide for creating controls
- Link Roles and Traceability Relationships — complete link role inventory