When a mitigation is shared by several risks, there isn't any way to list them in order to update their state efficiently.
User needs to go though all risks in order to see the mitigation change impacts them or not.
Duplicate Steps
No response
Expected Results
Provide a central management of mitigation with unique ID, like for vulnerabilities.
Indeed common mitigation can be used in several risks, today the report tab consider them as independent ones, even the same is used several times. At a minimum the report tab should display risk IDs associated to each "accepted mitigation control" (but a central management of them would be much better).
Issue Description
When a mitigation is shared by several risks, there isn't any way to list them in order to update their state efficiently. User needs to go though all risks in order to see the mitigation change impacts them or not.
Duplicate Steps
No response
Expected Results
Provide a central management of mitigation with unique ID, like for vulnerabilities. Indeed common mitigation can be used in several risks, today the report tab consider them as independent ones, even the same is used several times. At a minimum the report tab should display risk IDs associated to each "accepted mitigation control" (but a central management of them would be much better).
Version Detected
1.2.0
Attachments
No response