Define an Owner and Plan for Registered Threats

Define an Owner and Plan for Registered Threats

You can assign an Owner to manage each registered Threat and the Plan of action. 



Assign an Owner to a Registered Threat

To assign an Owner, select a Registered Threat.



Select from the dropdown beside the icon of a person. Only users assigned the Risk Register function appear.


When you assign an Owner, they do not receive a notification.

Choose a Plan for a Registered Threat

Next, choose the Plan for the Threat. ComplyAssistant comes with 4 options: 

  • Avoid - take no action

  • Control - mitigate the Threat

  • Transfer - transfer responsibility to a third party

  • Accept - take action on the Threat


To choose a Plan, select one of the options from the dropdown beside the document icon at the top of a Registered Threat page.



If you assign “Control,” the Owner is responsible for assigning one or more Controls to the Threat. If you assign “Transfer,” the Owner is responsible for assigning a Third Party vendor to manage the Threat.

Next, you can assign tasks to users in order to implement your Plan. You can also assign who should own each Control.


    • Related Articles

    • Define an Owner and Status for Registered Controls

      Just like with Threats, you can assign an Owner to Controls. In addition, Controls have an Implementation Status. Assign an Owner to a Registered Control To assign an Owner, select from the dropdown. Only users assigned the Risk Register function ...

    • Track Changes to Registered Threats and Controls

      For both registered Threats and Controls, you can create and track Comments. In addition, you can create and track Tasks associated with a Threat or Control. Threats also come with an Activity log to audit who made changes over time. Comments At the ...

    • Manage Tasks for Registered Threats and Controls

      Create and assign a task to someone in your organization for both Threats and Controls. Begin by selecting Add Task under Tasks near the bottom of the page. Then follow the instructions for creating and assigning a Task. If creating a Task from ...

    • Associate Threats and Controls

      In order to link Controls and Threats, navigate to the Risk Register at the top. You can assign more than one Control from a Threat detail page or assign one or more Threats on a Control detail page. You can associate Threats and Controls together, ...

    • Add Threats to the System

      ComplyAssistant comes with 125 pre-populated Threats. Five of these Threats are based on the Health Industry Cybersecurity Practices (HICP) rule. You also have the option to add Threats specific to your organization. To view the list of Threats and ...