Skip to main content

Purpose

Risk controls capture the specific technical or procedural measures applied to reduce, avoid, or share cybersecurity risk. Each risk control links to one or more TARA records via the mitigates link role and is classified by control type following the IEC/ISO safety hierarchy (Inherent Safety Design, Protective Measure, Information for Safety).

Work Item Identity

PropertyValue
Type IDriskControl
LabelRisk Control
Iconbuild_OK.png
Tracker PrefixTR
Form LayoutriskControl-form-layout.xml
Risksheet RoleTask type (linked via mitigates role, displayed as “Risk Control”)

Custom Fields

Field IDNameTypeDescription
riskControlTypeRiskControlTypeenum:riskControlType (multi-select)Classifies the control by type. Supports multiple simultaneous values, allowing a single control to span multiple categories.

Risk Control Type Enum Values

The riskControlType enumeration follows the IEC/ISO safety hierarchy:
Enum IDLabelSort OrderDescription
inherentSafetyDesignInherent Safety Design0Eliminates or reduces hazards through fundamental design choices. Preferred approach per ISO/SAE 21434 secure-by-design principles.
protectiveMeasureProtective Measure1Add-on safeguards (firewalls, encryption, IDS) that reduce likelihood or impact without changing the fundamental design.
informationForSafetyInformation for Safety2Warnings, instructions, training, or procedural guidance about residual risks. Last-resort tier in the control hierarchy.
The sort order reflects the safety hierarchy priority: elimination before mitigation before information. A risk control can be tagged with multiple types simultaneously (e.g., both protectiveMeasure and informationForSafety).
Role IDForward LabelTarget TypeDescription
mitigatesMitigatestaraRecordPrimary TARA link. Connects this control to the threat/risk it addresses.
Role IDReverse LabelSource TypeDescription
implementsis Implemented bytask, sysReqTasks or requirements that implement this control. Dual rule: task -> riskControl and sysReq -> riskControl.

Traceability Chain

The risk control sits in the Control Track: diagram The mitigates link is the core Risksheet task link type. In the Risksheet configuration, riskControl is defined as the task type with:
{
  "taskType": "riskControl",
  "taskLinkRole": "mitigates",
  "taskLabel": "Risk Control"
}

Risksheet Integration

Risk controls appear in the Risksheet through two columns:
Column IDHeaderTypeGroupDescription
taskControl IDtaskLinkControlsLinks to riskControl work items via the mitigates role. Displays the control’s work item ID.
taskTitleControltext (bindings: task.title)ControlsDisplays the title of the linked risk control. collapseTo=true for compact view.
These columns appear in the 4. Risk Treatment and 5. Req & Verification views.

Goal Highlight Decorator

When treatmentChoice is reducing or avoiding on a TARA record, the goalHighlight decorator checks whether a cybersecurity goal is linked. Similarly, the presence or absence of risk controls affects treatment completeness indicators in the Risksheet.

Workflow

The riskControl type follows the general work item workflow:
StateColorDescription
draft#3366FFInitial state after creation.
inReview#FFFF99Submitted for review.
pendingApproval#FFFF33Awaiting formal sign-off.
approved#66FF66Formally approved.
rejected#FF3300Rejected. Requires rework.
obsoleteNo longer active.

Lucene Queries

type:riskControl
type:riskControl AND riskControlType:inherentSafetyDesign
type:riskControl AND riskControlType:protectiveMeasure
type:riskControl AND riskControlType:informationForSafety
linkedWorkItems.role:mitigates

Form Layout Notes

The riskControl-form-layout.xml layout exposes:
  • Standard fields: Title, Description, Status, Priority
  • Custom field: riskControlType (multi-select)
  • Linked items section showing TARA records (via mitigates) and implementing requirements/tasks (via implements)