...
Risk categories simply allow you to organize risks more clearly, since you may identify very large numbers of risks.
For more info, see: <link to How to create risk category>Create Risk Categories .
Risks
A risk is an identified area of potential harmful exposure for your organization. It could be related to security or liability. Risks could be identified by completing an assessment. Currently, risks are created and managed by superusers. In a future release of Isora GRC, other users with the appropriate role will be able to add risks into Isora’s risk inventory. Once a risk has been identified, affected org units can track their exposure level by creating and managing a risk score in the risk register.
...
For information about creating risks, see: <link to how to create risk> How to Create Risks .