
Risk Snapshots
A risk snapshot is a point-in-time capture of your whole risk posture, taken for year-over-year comparison. Each snapshot records the risk register (with the count of risks by severity), the controls and ICT assets in scope, and the current KRI landscape — the value, status, target and regulatory anchors of every indicator at the moment of capture. Create one from Risk Management › Snapshots with Create Snapshot. This is what auditors review when they ask “how did the risk picture look in Q1?”
Snapshot diff
From Risk Management › Snapshots click Compare snapshots to pick two snapshots and render a board-ready narrative of what changed:
- KRI transitions (green → amber, amber → red, etc.)
- Risk-level delta per status
- Control implementation delta
- Narrative summary: “Between Q1 2026 and Q2 2026: 3 KRIs worsened, 1 critical-level risk added, control coverage moved 86% → 91%.”
The diff page has a one-click Download board-pack PDF (with this diff) button that produces a fully formatted PDF including the diff narrative as a section.
Board Pack PDF
The Board pack PDF button on the KRI page generates a board-ready PDF covering:
- Cover page with overall health score, status and trajectory.
- Per-domain composite health with score bars.
- “KRIs trending toward red” — regression alerts, including KRIs still inside green.
- Open KRI breaches with statutory clock status (DORA / NIS2 due-dates highlighted when overdue).
- Optional snapshot diff narrative.
- Regulatory readiness per framework — composite score across all KRIs anchored to that framework.