![Hyperproof.Io [Test] Help Center](https://downloads.intercomcdn.com/i/o/xgk1dxp2/757668/427b255f2659cc7e0853d6a00ec1/628914ae2617199b7d999ba797a5305a.png)
Mitigation is the action or actions your organization takes to reduce a risk from actually happening. If you choose to mitigate a risk, you need to provide a mitigation percentage for each control linked to the risk. Essentially, you’re stating that you want to mitigate “this much of the risk” by using the control.
For example, 30% mitigation on a control reduces the risk by 30%. The amount mitigated will be reduced when the control is At risk (by half) or Critical (completely; the applied mitigation will be 0% despite whatever percentage was entered until the risk is no longer in this state).
How mitigation works in Hyperproof
Hyperproof lets you specify likelihood and impact mitigation percentages. The mitigation percentage for each option can be a whole number or a number with up to 2 decimal places and must not exceed 100%. A control can be linked to multiple risks and have different mitigation factors for each.
Likelihood mitigation - The percentage of the control that goes towards preventing a negative outcome from occurring.
Impact mitigation - The percentage of the control that goes towards reducing the impact of a negative outcome.
What if there is no mitigation?
The mitigation percentage for a linked control can be 0%, which poses no effect on the overall risk score. If there’s no mitigation, the inherent and residual risks will be identical.
