Edit risk details

Updates a risk partially

Security: bearer
Request
Path Parameters
id
required
string
Request Body schema: application/json
required
title
required
string <= 191 characters

Describes the title of a risk

description
required
string <= 768 characters

Describes the problem

impact
number [ 1 .. 10 ]

Describes the impact

likelihood
number [ 1 .. 10 ]

Describes the likelihood

score
number [ 1 .. 100 ]

Assessment score

categories
Array of objects (CategoryRequestPublicDto)
documents
Array of objects (DocumentRequestPublicDto)
treatmentPlan
required
string

The risk treatment plan

Enum: "UNTREATED" "ACCEPT" "TRANSFER" "AVOID" "MITIGATE"
treatmentDetails
string <= 30000 characters

Describes the treatment

anticipatedCompletionDate
string <date-time>

Anticipated Completion Date.

completionDate
string <date-time>

Completion Date.

reviewers
Array of objects (ReviewerRequestPublicDto)
owners
Array of objects (OwnerRequestPublicDto)
residualImpact
number [ 1 .. 10 ]

Describes the score for impact

residualLikelihood
number [ 1 .. 10 ]

Describes the score for likelihood

residualScore
number [ 1 .. 100 ]

Assessment residual score

controls
Array of objects (ControlRequestPublicDto)
applicable
boolean

Mark if risk is applicable or not

status
string

Risk status

Enum: "ACTIVE" "ARCHIVED" "CLOSED"
Responses
200

Good to go!

400

Malformed data and/or validation errors

401

Invalid Authorization

402

Response Code 402

You must pay to activate this feature

403

You are not allowed to perform this action

404

Record Not Found

412

Response Code: 412

You must accept the Drata terms and conditions to use the API

500

Internal server error

PUT /risk-management/{id}
Request samples
application/json
{
  "title": "Door locks",
  "description": "Building doors can be open and an unauthorized person can walk in.",
  "impact": 3,
  "likelihood": 1,
  "score": 3,
  "categories": [
    {
      "id": 1
    }
  ],
  "documents": [
    {
      "id": 1
    }
  ],
  "treatmentPlan": "TRANSFER",
  "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
  "anticipatedCompletionDate": "2020-07-06 12:00:00.000000",
  "completionDate": "2020-07-06 12:00:00.000000",
  "reviewers": [
    {
      "id": 1
    }
  ],
  "owners": [
    {
      "id": 1
    }
  ],
  "residualImpact": 3,
  "residualLikelihood": 1,
  "residualScore": 3,
  "controls": [
    {
      "id": 1
    }
  ],
  "applicable": true,
  "status": "ACTIVE"
}
Response samples
application/json
{
  "id": 1,
  "riskId": "AC-04",
  "title": "Password Management - Password Cracking",
  "description": "An attacker attempts to gain access to organizational information by guessing of passwords.",
  "treatmentPlan": "UNTREATED",
  "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
  "anticipatedCompletionDate": "2020-07-06 12:00:00.000000",
  "completionDate": "2020-07-06 12:00:00.000000",
  "impact": 5,
  "likelihood": 5,
  "score": 5,
  "residualImpact": 5,
  "residualLikelihood": 5,
  "residualScore": 5,
  "applicable": true,
  "status": "ACTIVE",
  "controls": [
    {
      "id": 23,
      "code": "DCF-01",
      "name": "Hello",
      "description": "this is a description",
      "isReady": true,
      "controlNumber": 1,
      "archivedAt": 1
    }
  ],
  "categories": [
    {
      "id": 1,
      "name": "Governance"
    }
  ],
  "owners": [],
  "reviewers": [],
  "documents": [
    {
      "id": 1,
      "name": "Security Training",
      "createdAt": "2020-07-06 12:00:00.000000"
    }
  ],
  "notes": [
    {
      "id": 1,
      "comment": "Good comment",
      "createdAt": "2020-07-06 12:00:00.000000",
      "updatedAt": "2020-07-06 12:00:00.000000",
      "owner": {}
    }
  ]
}
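
A client-side check of the request body against the constraints in the schema above, so violations that would come back as a 400 are caught before the PUT is sent. This is an added example, not part of Drata's documentation or code; the function name validate_risk_update is hypothetical, and the date and array fields are assumed to be validated server-side and are not checked here.

```python
# Added example: pre-flight validation of a PUT /risk-management/{id} body.
# Limits and enum values are copied from the request body schema on this page.
REQUIRED = ("title", "description", "treatmentPlan")
MAX_LEN = {"title": 191, "description": 768, "treatmentDetails": 30000}
RANGES = {
    "impact": (1, 10), "likelihood": (1, 10), "score": (1, 100),
    "residualImpact": (1, 10), "residualLikelihood": (1, 10),
    "residualScore": (1, 100),
}
ENUMS = {
    "treatmentPlan": ("UNTREATED", "ACCEPT", "TRANSFER", "AVOID", "MITIGATE"),
    "status": ("ACTIVE", "ARCHIVED", "CLOSED"),
}


def validate_risk_update(body):
    """Return a list of schema violations; an empty list means the body passes."""
    errors = []
    for field in REQUIRED:
        if field not in body:
            errors.append(f"{field}: required")
    for field, limit in MAX_LEN.items():
        if field in body:
            value = body[field]
            if not isinstance(value, str):
                errors.append(f"{field}: must be a string")
            elif len(value) > limit:
                errors.append(f"{field}: longer than {limit} characters")
    for field, (low, high) in RANGES.items():
        if field in body:
            value = body[field]
            # bool is a subclass of int in Python, so reject it explicitly.
            is_number = isinstance(value, (int, float)) and not isinstance(value, bool)
            if not is_number or not low <= value <= high:
                errors.append(f"{field}: must be a number in [{low} .. {high}]")
    for field, allowed in ENUMS.items():
        if field in body and body[field] not in allowed:
            errors.append(f"{field}: must be one of {', '.join(allowed)}")
    if "applicable" in body and not isinstance(body["applicable"], bool):
        errors.append("applicable: must be a boolean")
    return errors
```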