When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this for ISO 27005-style risk scenarios that should appear in Dataview dashboards.
---type: riskrisk_id: ""risk_name: ""status: draftasset: ""threat: ""vulnerability: ""risk_statement: ""likelihood: 1impact: 1inherent_risk_score: 1inherent_risk_level: lowtreatment_option: ""treatment_status: not_startedrelated_controls: []related_evidence: []residual_likelihood: nullresidual_impact: nullresidual_risk_score: nullresidual_risk_level: nullrisk_owner: ""review_frequency: quarterlycreated: 2026-06-03updated: 2026-06-03tags: - risk - iso27005---
# {{title}}
## Risk Scenario
Describe the risk using this structure:
```textBecause of [threat] exploiting [vulnerability] affecting [asset], [business impact] may occur.```
## Asset
## Threat
## Vulnerability
## Likelihood Rationale
## Impact Rationale
## Inherent Risk
## Treatment Decision
## Related Controls
## Required Evidence
## Residual Risk
## Review Notes- Template
- Iso27005
- Risk
Note Metadata
Source: 99-Templates/Template-Risk-Scenario.md