1. Go to 'Add New Risks' and select 'Import CSV'.
2. Download the CSV template.
If you already have a completed template, skip the download to proceed to upload.
3. Open the CSV file. You will see the following columns.
Columns Accepting Free Text:
Risk Name, Risk Description, Mitigation Plan, Asset, Threat, Vulnerability
Columns with Accepted Values:
Category: Security, Privacy, Operational, Compliance, Governance, Cybersecurity, Physical Security, Financial
Inherent Impact: Values 1-5
Inherent Likelihood: Values 1-5
Residual Likelihood: Values 1-5
Asset: Information and Data Assets, ICT Asset and Infrastructure, People, Operational and ICT Processes, Third-Party and ICT Service Providers, Financial and Digital Assets
Classification: Confidential, Restricted, Public, Internal
5. Remove the accepted values and 'free text' and fill in the details of all risks.
Save the file as a CSV once completed.
6. Go back to Scytale and upload the completed CSV file.
7. Your Risk List should now be imported.
If there was a problem with your file, an error message will appear as shown below. It will specify which line has the issue and what the problem is. Correct the issues and re-upload the CSV.
