Risk Management

Find risks by search terms and filters

List all risks

🔒 Requires Risk Management: List Risks permission.

💎 Requires that your account has the Risk Management Pro feature. Contact your CSM for help upgrading.

Security: bearer
Request
query Parameters
page
number >= 1
Default: 1

Which page of data to return

limit
number [ 1 .. 50 ]
Default: 20

How many items to return per page

sort
string

Which type of sort (default: ID)

Enum: "ID" "RISK_SCORE" "IDENTIFIED_DATE"
Example: sort=ID
sortDir
string

Which direction to sort the data (default: ASC)

Enum: "ASC" "DESC"
Example: sortDir=ASC
q
string

Search query used to find risks

applicable
boolean

Filter risks by whether they are applicable

status
string

Filter risks by status

Enum: "ACTIVE" "ARCHIVED" "CLOSED"
Example: status=ACTIVE
isScored
boolean

Filter risks by scored or not scored

treatmentPlan
string

Filter risks by treatment plan

Enum: "UNTREATED" "ACCEPT" "TRANSFER" "AVOID" "MITIGATE"
Example: treatmentPlan=UNTREATED
categoriesIds
Array of numbers

List of categories ids to find risks by

Example: categoriesIds=1&categoriesIds=2&categoriesIds=3
ownersIds
Array of numbers

List of owners ids to find risks by

Example: ownersIds=1&ownersIds=2&ownersIds=3
needsAttention
boolean

Filter risks by controls that are not ready

impact
number [ 1 .. 10 ]

Filter by the impact

Example: impact=3
likelihood
number [ 1 .. 10 ]

Filter by the likelihood

Example: likelihood=1
minScore
number [ 1 .. 100 ]

Lower bound of the score range to filter by

Example: minScore=1
maxScore
number [ 1 .. 100 ]

Upper bound of the score range to filter by

Example: maxScore=1
vendorId
number or null

Filter risks by vendor

Example: vendorId=1
onlyVendors
boolean

Return only vendor risks

Responses
200
400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

GET /risk-management
Response samples
application/json
{
  "data": [
    {
      "id": 1,
      "riskId": "AC-04",
      "title": "Password Management - Password Cracking",
      "description": "An attacker attempts to gain access to organizational information by guessing of passwords.",
      "treatmentPlan": "UNTREATED",
      "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
      "anticipatedCompletionDate": "2025-07-01T16:45:55.246Z",
      "completionDate": "2025-07-01T16:45:55.246Z",
      "impact": 5,
      "likelihood": 5,
      "score": 5,
      "residualImpact": 5,
      "residualLikelihood": 5,
      "residualScore": 5,
      "applicable": true,
      "status": "ACTIVE",
      "controls": [
        {
          "id": 23,
          "code": "DCF-01",
          "name": "Hello",
          "description": "this is a description",
          "isReady": true,
          "controlNumber": 1,
          "archivedAt": 1
        }
      ],
      "categories": [
        {
          "id": 1,
          "name": "Governance"
        }
      ],
      "owners": [],
      "reviewers": [],
      "documents": [
        {
          "id": 1,
          "name": "Security Training",
          "createdAt": "2025-07-01T16:45:55.246Z"
        }
      ],
      "notes": [
        {
          "id": 1,
          "comment": "Good comment",
          "createdAt": "2025-07-01T16:45:55.246Z",
          "updatedAt": "2025-07-01T16:45:55.246Z",
          "owner": {
            "id": 1,
            "entryId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
            "email": "[email protected]",
            "firstName": "Sally",
            "lastName": "Smith",
            "jobTitle": "CEO",
            "drataTermsAgreedAt": "2025-07-01T16:45:55.246Z",
            "createdAt": "2025-07-01T16:45:55.246Z",
            "updatedAt": "2025-07-01T16:45:55.246Z"
          }
        }
      ]
    }
  ],
  "page": 1,
  "limit": 10,
  "total": 100
}
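An added client-side example (not Drata's code) for the filters and pagination documented above: it encodes the query parameters as the reference describes (array parameters repeated, enum and range values checked locally so the client never sends a request the API would answer with 400) and walks every page using `page`, `limit` and `total` from the response. The `fetch` callable is an assumption standing in for a real HTTP client that carries the bearer token; the same repeated-array encoding applies to `categoriesIds` and `ownersIds` on the insights endpoint below.

```python
import urllib.parse
from typing import Any, Callable, Dict, Iterator, List, Tuple

# Constraints copied from the documented query parameters of GET /risk-management.
ENUMS = {
    "sort": {"ID", "RISK_SCORE", "IDENTIFIED_DATE"},
    "sortDir": {"ASC", "DESC"},
    "status": {"ACTIVE", "ARCHIVED", "CLOSED"},
    "treatmentPlan": {"UNTREATED", "ACCEPT", "TRANSFER", "AVOID", "MITIGATE"},
}
RANGES = {"page": (1, None), "limit": (1, 50), "impact": (1, 10), "likelihood": (1, 10),
          "minScore": (1, 100), "maxScore": (1, 100)}


def build_list_query(**filters: Any) -> str:
    """Encode filters as the query string for GET /risk-management.
    Out-of-range or non-enum values raise ValueError instead of being sent;
    list values are repeated, e.g. categoriesIds=1&categoriesIds=2."""
    params: List[Tuple[str, str]] = []
    for key, value in filters.items():
        if value is None:
            continue
        if key in ENUMS and value not in ENUMS[key]:
            raise ValueError(f"{key} must be one of {sorted(ENUMS[key])}")
        if key in RANGES:
            lo, hi = RANGES[key]
            if value < lo or (hi is not None and value > hi):
                raise ValueError(f"{key} must be between {lo} and {hi or 'unbounded'}")
        if isinstance(value, (list, tuple)):
            params.extend((key, str(v)) for v in value)
        elif isinstance(value, bool):
            params.append((key, "true" if value else "false"))  # assumed: lowercase booleans
        else:
            params.append((key, str(value)))
    return urllib.parse.urlencode(params)


def iter_risks(fetch: Callable[[str], Dict[str, Any]], limit: int = 50,
               **filters: Any) -> Iterator[Dict[str, Any]]:
    """Yield every risk across all pages. `fetch` (assumed) takes the query
    string and returns the decoded JSON body of GET /risk-management.
    Stops when page * limit reaches `total`, or when a page comes back empty."""
    page = 1
    while True:
        body = fetch(build_list_query(page=page, limit=limit, **filters))
        yield from body["data"]
        if not body["data"] or page * body["limit"] >= body["total"]:
            return
        page += 1
```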

Add a new custom risk to the account

Create a custom risk

🔒 Requires Risk Management: Create Risk permission.

💎 Requires that your account has the Risk Management Pro feature. Contact your CSM for help upgrading.

Security: bearer
Request
Request Body schema: application/json
required
title
required
string <= 191 characters

Describes the title of a risk

description
required
string <= 768 characters

Describes the problem

impact
number [ 1 .. 10 ]

Describes the impact

likelihood
number [ 1 .. 10 ]

Describes the likelihood

score
number [ 1 .. 100 ]

Assessment score

categories
Array of objects (CategoryRequestPublicDto) unique
documents
Array of objects (DocumentRequestPublicDto) unique
treatmentPlan
required
string

The risk treatment plan

Enum: "UNTREATED" "ACCEPT" "TRANSFER" "AVOID" "MITIGATE"
treatmentDetails
string <= 30000 characters

Describes the treatment

anticipatedCompletionDate
string <date-time>

Anticipated Completion Date.

completionDate
string <date-time>

Completion Date.

reviewers
Array of objects (ReviewerRequestPublicDto) unique
owners
Array of objects (OwnerRequestPublicDto) unique
residualImpact
number [ 1 .. 10 ]

Describes the residual impact score

residualLikelihood
number [ 1 .. 10 ]

Describes the residual likelihood score

residualScore
number [ 1 .. 100 ]

Assessment residual score

controls
Array of objects (ControlRequestPublicDto) unique
applicable
boolean

Mark if risk is applicable or not

status
string

Risk status

Enum: "ACTIVE" "ARCHIVED" "CLOSED"
Responses
201

Created

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

409

There is a conflict in the business rules with this request

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

POST /risk-management
Request samples
application/json
{
  "title": "Door locks",
  "description": "Building doors can be open and an unauthorized person can walk in.",
  "impact": 3,
  "likelihood": 1,
  "score": 3,
  "categories": [
    {
      "id": 1
    }
  ],
  "documents": [
    {
      "id": 1
    }
  ],
  "treatmentPlan": "TRANSFER",
  "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
  "anticipatedCompletionDate": "2025-07-01T16:45:55.246Z",
  "completionDate": "2025-07-01T16:45:55.246Z",
  "reviewers": [
    {
      "id": 1
    }
  ],
  "owners": [
    {
      "id": 1
    }
  ],
  "residualImpact": 3,
  "residualLikelihood": 1,
  "residualScore": 3,
  "controls": [
    {
      "id": 1
    }
  ],
  "applicable": true,
  "status": "ACTIVE"
}
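An added example, not part of Drata's API or any SDK, that checks a create-risk body against the constraints documented for this request body before it is sent, so that a 400 "Malformed data and/or validation errors" response is caught locally with a readable reason. Field names, lengths, ranges and enums are taken from the schema above (the PUT body for editing a risk documents the same schema, so the same check applies there); the function name is an assumption.

```python
from datetime import datetime
from typing import Any, Dict, List

# Field constraints copied from the documented request body of POST /risk-management.
TREATMENT_PLANS = {"UNTREATED", "ACCEPT", "TRANSFER", "AVOID", "MITIGATE"}
STATUSES = {"ACTIVE", "ARCHIVED", "CLOSED"}
MAX_LEN = {"title": 191, "description": 768, "treatmentDetails": 30000}
SCALES = {"impact": 10, "likelihood": 10, "residualImpact": 10, "residualLikelihood": 10,
          "score": 100, "residualScore": 100}
ID_ARRAYS = ("categories", "documents", "reviewers", "owners", "controls")


def _in_range(value: Any, hi: int) -> bool:
    """True for a real number in 1..hi; bool is excluded because it subclasses int."""
    return isinstance(value, (int, float)) and not isinstance(value, bool) and 1 <= value <= hi


def validate_risk_body(body: Dict[str, Any]) -> List[str]:
    """Return the violations found in a create-risk body (empty list means sendable).
    Checks only what the reference documents: required fields, string lengths,
    numeric ranges, enum values, ISO-8601 date-times and unique {"id": n} arrays."""
    errors: List[str] = []
    for field in ("title", "description", "treatmentPlan"):
        if field not in body:
            errors.append(f"{field} is required")
    for field, limit in MAX_LEN.items():
        if field in body and (not isinstance(body[field], str) or len(body[field]) > limit):
            errors.append(f"{field} must be a string of at most {limit} characters")
    for field, hi in SCALES.items():
        if field in body and not _in_range(body[field], hi):
            errors.append(f"{field} must be a number in 1..{hi}")
    if "treatmentPlan" in body and body["treatmentPlan"] not in TREATMENT_PLANS:
        errors.append(f"treatmentPlan must be one of {sorted(TREATMENT_PLANS)}")
    if "status" in body and body["status"] not in STATUSES:
        errors.append(f"status must be one of {sorted(STATUSES)}")
    if "applicable" in body and not isinstance(body["applicable"], bool):
        errors.append("applicable must be a boolean")
    for field in ("anticipatedCompletionDate", "completionDate"):
        if field in body:
            try:  # the sample uses a trailing Z; older Pythons only parse +00:00
                datetime.fromisoformat(str(body[field]).replace("Z", "+00:00"))
            except ValueError:
                errors.append(f"{field} must be an ISO-8601 date-time")
    for field in ID_ARRAYS:
        items = body.get(field, [])
        ids = [item.get("id") for item in items if isinstance(item, dict)]
        if len(ids) != len(items) or any(not isinstance(i, int) for i in ids):
            errors.append(f"{field} must be a list of objects with a numeric id")
        elif len(set(ids)) != len(ids):
            errors.append(f"{field} must not contain duplicate ids")  # documented as unique
    return errors
```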
Response samples
application/json
{
  "id": 1,
  "riskId": "AC-04",
  "title": "Password Management - Password Cracking",
  "description": "An attacker attempts to gain access to organizational information by guessing of passwords.",
  "treatmentPlan": "UNTREATED",
  "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
  "anticipatedCompletionDate": "2025-07-01T16:45:55.246Z",
  "completionDate": "2025-07-01T16:45:55.246Z",
  "impact": 5,
  "likelihood": 5,
  "score": 5,
  "residualImpact": 5,
  "residualLikelihood": 5,
  "residualScore": 5,
  "applicable": true,
  "status": "ACTIVE",
  "controls": [
    {
      "id": 23,
      "code": "DCF-01",
      "name": "Hello",
      "description": "this is a description",
      "isReady": true,
      "controlNumber": 1,
      "archivedAt": 1
    }
  ],
  "categories": [
    {
      "id": 1,
      "name": "Governance"
    }
  ],
  "owners": [],
  "reviewers": [],
  "documents": [
    {
      "id": 1,
      "name": "Security Training",
      "createdAt": "2025-07-01T16:45:55.246Z"
    }
  ],
  "notes": [
    {
      "id": 1,
      "comment": "Good comment",
      "createdAt": "2025-07-01T16:45:55.246Z",
      "updatedAt": "2025-07-01T16:45:55.246Z",
      "owner": {
        "id": 1,
        "entryId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
        "email": "[email protected]",
        "firstName": "Sally",
        "lastName": "Smith",
        "jobTitle": "CEO",
        "drataTermsAgreedAt": "2025-07-01T16:45:55.246Z",
        "createdAt": "2025-07-01T16:45:55.246Z",
        "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    }
  ]
}

Get risk details

Get a risk by risk ID

🔒 Requires Risk Management: Get Risk permission.

💎 Requires that your account has the Risk Management Pro feature. Contact your CSM for help upgrading.

Security: bearer
Request
path Parameters
riskId
required
string

The risk ID

Example: AC-04
Responses
200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

404

Not Found

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

GET /risk-management/{riskId}
Response samples
application/json
{
  "id": 1,
  "riskId": "AC-04",
  "title": "Password Management - Password Cracking",
  "description": "An attacker attempts to gain access to organizational information by guessing of passwords.",
  "treatmentPlan": "UNTREATED",
  "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
  "anticipatedCompletionDate": "2025-07-01T16:45:55.246Z",
  "completionDate": "2025-07-01T16:45:55.246Z",
  "impact": 5,
  "likelihood": 5,
  "score": 5,
  "residualImpact": 5,
  "residualLikelihood": 5,
  "residualScore": 5,
  "applicable": true,
  "status": "ACTIVE",
  "controls": [
    {
      "id": 23,
      "code": "DCF-01",
      "name": "Hello",
      "description": "this is a description",
      "isReady": true,
      "controlNumber": 1,
      "archivedAt": 1
    }
  ],
  "categories": [
    {
      "id": 1,
      "name": "Governance"
    }
  ],
  "owners": [],
  "reviewers": [],
  "documents": [
    {
      "id": 1,
      "name": "Security Training",
      "createdAt": "2025-07-01T16:45:55.246Z"
    }
  ],
  "notes": [
    {
      "id": 1,
      "comment": "Good comment",
      "createdAt": "2025-07-01T16:45:55.246Z",
      "updatedAt": "2025-07-01T16:45:55.246Z",
      "owner": {
        "id": 1,
        "entryId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
        "email": "[email protected]",
        "firstName": "Sally",
        "lastName": "Smith",
        "jobTitle": "CEO",
        "drataTermsAgreedAt": "2025-07-01T16:45:55.246Z",
        "createdAt": "2025-07-01T16:45:55.246Z",
        "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    }
  ]
}

Edit risk details

Updates a risk partially

🔒 Requires Risk Management: Update Risk permission.

💎 Requires that your account has the Risk Management Pro feature. Contact your CSM for help upgrading.

Security: bearer
Request
path Parameters
riskId
required
string

The risk ID

Example: AC-04
Request Body schema: application/json
required
title
required
string <= 191 characters

Describes the title of a risk

description
required
string <= 768 characters

Describes the problem

impact
number [ 1 .. 10 ]

Describes the impact

likelihood
number [ 1 .. 10 ]

Describes the likelihood

score
number [ 1 .. 100 ]

Assessment score

categories
Array of objects (CategoryRequestPublicDto) unique
documents
Array of objects (DocumentRequestPublicDto) unique
treatmentPlan
required
string

The risk treatment plan

Enum: "UNTREATED" "ACCEPT" "TRANSFER" "AVOID" "MITIGATE"
treatmentDetails
string <= 30000 characters

Describes the treatment

anticipatedCompletionDate
string <date-time>

Anticipated Completion Date.

completionDate
string <date-time>

Completion Date.

reviewers
Array of objects (ReviewerRequestPublicDto) unique
owners
Array of objects (OwnerRequestPublicDto) unique
residualImpact
number [ 1 .. 10 ]

Describes the residual impact score

residualLikelihood
number [ 1 .. 10 ]

Describes the residual likelihood score

residualScore
number [ 1 .. 100 ]

Assessment residual score

controls
Array of objects (ControlRequestPublicDto) unique
applicable
boolean

Mark if risk is applicable or not

status
string

Risk status

Enum: "ACTIVE" "ARCHIVED" "CLOSED"
Responses
200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

404

Not Found

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

PUT /risk-management/{riskId}
Request samples
application/json
{
  "title": "Door locks",
  "description": "Building doors can be open and an unauthorized person can walk in.",
  "impact": 3,
  "likelihood": 1,
  "score": 3,
  "categories": [
    {
      "id": 1
    }
  ],
  "documents": [
    {
      "id": 1
    }
  ],
  "treatmentPlan": "TRANSFER",
  "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
  "anticipatedCompletionDate": "2025-07-01T16:45:55.246Z",
  "completionDate": "2025-07-01T16:45:55.246Z",
  "reviewers": [
    {
      "id": 1
    }
  ],
  "owners": [
    {
      "id": 1
    }
  ],
  "residualImpact": 3,
  "residualLikelihood": 1,
  "residualScore": 3,
  "controls": [
    {
      "id": 1
    }
  ],
  "applicable": true,
  "status": "ACTIVE"
}
Response samples
application/json
{
  "id": 1,
  "riskId": "AC-04",
  "title": "Password Management - Password Cracking",
  "description": "An attacker attempts to gain access to organizational information by guessing of passwords.",
  "treatmentPlan": "UNTREATED",
  "treatmentDetails": "Building doors can be open and an unauthorized person can walk in.",
  "anticipatedCompletionDate": "2025-07-01T16:45:55.246Z",
  "completionDate": "2025-07-01T16:45:55.246Z",
  "impact": 5,
  "likelihood": 5,
  "score": 5,
  "residualImpact": 5,
  "residualLikelihood": 5,
  "residualScore": 5,
  "applicable": true,
  "status": "ACTIVE",
  "controls": [
    {
      "id": 23,
      "code": "DCF-01",
      "name": "Hello",
      "description": "this is a description",
      "isReady": true,
      "controlNumber": 1,
      "archivedAt": 1
    }
  ],
  "categories": [
    {
      "id": 1,
      "name": "Governance"
    }
  ],
  "owners": [],
  "reviewers": [],
  "documents": [
    {
      "id": 1,
      "name": "Security Training",
      "createdAt": "2025-07-01T16:45:55.246Z"
    }
  ],
  "notes": [
    {
      "id": 1,
      "comment": "Good comment",
      "createdAt": "2025-07-01T16:45:55.246Z",
      "updatedAt": "2025-07-01T16:45:55.246Z",
      "owner": {
        "id": 1,
        "entryId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
        "email": "[email protected]",
        "firstName": "Sally",
        "lastName": "Smith",
        "jobTitle": "CEO",
        "drataTermsAgreedAt": "2025-07-01T16:45:55.246Z",
        "createdAt": "2025-07-01T16:45:55.246Z",
        "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    }
  ]
}

Get risk management insights

Get risk management insights

🔒 Requires Risk Management: List Insights permission.

💎 Requires that your account has the Risk Management Pro feature. Contact your CSM for help upgrading.

Security: bearer
Request
query Parameters
categoriesIds
Array of numbers

List of categories ids to find risks by

Example: categoriesIds=1&categoriesIds=2&categoriesIds=3
ownersIds
Array of numbers

List of owners ids to find risks by

Example: ownersIds=1&ownersIds=2&ownersIds=3
riskFilter
string

Filter risks with a specific condition

Enum: "NEEDS_ATTENTION" "CUSTOM_ONLY" "INTERNAL_ONLY" "EXTERNAL_ONLY"
Example: riskFilter=INTERNAL_ONLY
status
Array of strings

Filter by risk status (one or more values)

Items Enum: "ACTIVE" "ARCHIVED" "CLOSED"
Example: status=ACTIVE
Responses
200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

GET /risk-management-insights
Response samples
application/json
{
  "riskPosture": {
    "LOW": 23,
    "CRITICAL": 13
  },
  "treatmentOverview": {
    "ACCEPT": 23,
    "TRANSFER": 13
  },
  "riskHeatmap": [
    {
      "total": 11,
      "impact": 2,
      "likelihood": 2
    }
  ],
  "categoryBreakdown": [
    {
      "severity": {
        "MEDIUM": 1,
        "CRITICAL": 2
      },
      "category": {
        "id": 2,
        "name": "Access Control"
      }
    }
  ],
  "scored": 63,
  "remaining": 8
}