02 · Risk

Risk assessment, actually done.

Model, score, and treat risk with a register your team actually uses. Quantitative or qualitative — it is your methodology, we just make it usable.

Methodologies

NIST · FAIR · ISO 31000

Bring your own framework. Tellus supports quantitative (FAIR, Monte Carlo) or qualitative (5×5, heat maps) — or mix them by domain.

Live scoring

Connected to controls

Risk scores update as control effectiveness changes. A failing control raises residual risk automatically; no quarterly spreadsheet dance.

Treatment

Plans that close out

Assign owners, deadlines, and evidence. Tellus tracks treatment to closure and re-opens issues when signals regress.

142
Active risks tracked
3.4→2.1
Median residual reduction
87%
Treatments closed on time
Risk domains supported
In the product

Built to be used — not admired.

IDRiskInherentOwnerTreatmentResidual
R-141Vendor concentration · AWSHighVP InfraAccept · Q3 reviewResidual 4.1
R-142SSO provider SPOFMedCISOMitigate · MFA fallbackResidual 2.2
R-156Data residency · EUHighDPOTransfer · new regionIn progress
R-160Insider threat · priv accessMedSec EngMitigate · JIT accessResidual 1.8
R-163Open-source supply chainLowEngAcceptResidual 1.2

Compliance, solved.

Start free. Bring your first framework online in under an hour.

Start free trial Book a demo