Risk Registers

Risk Registers are a collection of Risks. They are used to organize and manage Risks.

List Risk Registers

Retrieve all Risk Registers associated with the account.

🔒 Requires Risk Management: List Risk Registers permission.

💎 Requires your account have the Risk Management Pro feature. Contact your CSM for help upgrading.

Securitybearer
Request
query Parameters
cursor
string

This parameter is used to paginate through results. No value is needed for the first request. If there are additional results, the response will contain a pagination.cursor value that can be used in the subsequent request to retrieve the next page of results

size
number [ 1 .. 500 ]
Default: 50

Number of results to return

sort
string (SortTypeLimitedEnum)

Which field to sort by

Enum: "createdAt" "updatedAt"
sortDir
string (SortDirectionEnum)

The direction to sort the data

Enum: "ASC" "DESC"
name
string <= 191 characters

Search query for Register name

Example: name=security
ownerIds[]
Array of numbers

User IDs of the Register Owners to filter by

Example: ownerIds[]=1&ownerIds[]=2&ownerIds[]=3
Responses
200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

get/risk-registers
Request samples 
Response samples 
application/json
{
  • "data": [ ],
  • "pagination": {
    • "cursor": "string"
    }
}
Create Risk Register
Create Risk Register.


🔒 Requires Risk Management: Create Risk Register permission.


💎 Requires your account have the Risk Management Pro feature. Contact your CSM for help upgrading.


Securitybearer 
Request 
Request Body schema: application/json
required
name
required
string  <= 191 characters 
Unique name for the Risk Register


 
description
string or null  <= 60000 characters 
Description for the Risk Register


 
ownerIds
Array of numbers
List of User ids to be assigned to the Risk Register as owners


 
Responses 
201
Created


400
Malformed data and/or validation errors


401
Invalid Authorization


402
You must upgrade your plan to use this feature


403
You are not allowed to perform this action


404
Not Found


412
You must accept the Drata terms and conditions to use the API


500
Internal server error


post/risk-registers
Request samples 
application/json
{
  • "name": "Default Register",
  • "description": "Register for all Risks",
  • "ownerIds": [
    • 1,
    • 2,
    • 3
    ]
}
Response samples 
application/json
{
  • "id": 1,
  • "name": "Default Register",
  • "description": "Default Register for all Risks",
  • "owners": [
    • {
      • "id": 1,
      • "email": "[email protected]",
      • "firstName": "Sally",
      • "lastName": "Smith",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    ],
  • "createdAt": "2025-07-01T16:45:55.246Z",
  • "updatedAt": "2025-07-01T16:45:55.246Z"
}
Get Risk Register
Get Risk Register details


🔒 Requires Risk Management: Get Risk Register permission.


💎 Requires your account have the Risk Management Pro feature. Contact your CSM for help upgrading.


Securitybearer 
Request 
path Parameters
riskRegisterId
required
number
The Risk Register ID


 
 Example:  1
Responses 
200
Successful


400
Malformed data and/or validation errors


401
Invalid Authorization


402
You must upgrade your plan to use this feature


403
You are not allowed to perform this action


404
Not Found


412
You must accept the Drata terms and conditions to use the API


500
Internal server error


get/risk-registers/{riskRegisterId}
Request samples 
Response samples 
application/json
{
  • "id": 1,
  • "name": "Default Register",
  • "description": "Default Register for all Risks",
  • "owners": [
    • {
      • "id": 1,
      • "email": "[email protected]",
      • "firstName": "Sally",
      • "lastName": "Smith",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    ],
  • "createdAt": "2025-07-01T16:45:55.246Z",
  • "updatedAt": "2025-07-01T16:45:55.246Z"
}
Update Risk Register
Update the Risk Register details


🔒 Requires Risk Management: Update Risk Register permission.


💎 Requires your account have the Risk Management Pro feature. Contact your CSM for help upgrading.


Securitybearer 
Request 
path Parameters
riskRegisterId
required
number
The Risk Register ID


 
 Example:  1
Request Body schema: application/json
required
description
string or null  <= 60000 characters 
Description for the Risk Register


 
ownerIds
Array of numbers
List of User ids to be assigned to the Risk Register as owners


 
name
string  <= 191 characters 
Unique name for the Risk Register


 
Responses 
200
Successful


400
Malformed data and/or validation errors


401
Invalid Authorization


402
You must upgrade your plan to use this feature


403
You are not allowed to perform this action


404
Not Found


412
You must accept the Drata terms and conditions to use the API


500
Internal server error


put/risk-registers/{riskRegisterId}
Request samples 
application/json
{
  • "description": "Register for all Risks",
  • "ownerIds": [
    • 1,
    • 2,
    • 3
    ],
  • "name": "Default Register"
}
Response samples 
application/json
{
  • "id": 1,
  • "name": "Default Register",
  • "description": "Default Register for all Risks",
  • "owners": [
    • {
      • "id": 1,
      • "email": "[email protected]",
      • "firstName": "Sally",
      • "lastName": "Smith",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    ],
  • "createdAt": "2025-07-01T16:45:55.246Z",
  • "updatedAt": "2025-07-01T16:45:55.246Z"
}
Delete Risk Register
Deletes a Risk Register


🔒 Requires Risk Management: Delete Risk Register permission.


💎 Requires your account have the Risk Management Pro feature. Contact your CSM for help upgrading.


Securitybearer 
Request 
path Parameters
riskRegisterId
required
number
The Risk Register ID


 
 Example:  1
Responses 
204
No Content


400
Malformed data and/or validation errors


401
Invalid Authorization


402
You must upgrade your plan to use this feature


403
You are not allowed to perform this action


404
Not Found


412
You must accept the Drata terms and conditions to use the API


500
Internal server error


delete/risk-registers/{riskRegisterId}
Request samples 
Response samples 
application/json
{
  • "name": "string",
  • "statusCode": 0,
  • "message": "string",
  • "code": 0,
  • "debugInfo": {
    • "name": "string",
    • "message": "string",
    • "stack": "string"
    }
}