Provide an option to connect each of the clauses, annexes, controls and assessments to a risk

[gorkem-bwl]

Currently ISO42001 (clauses/annexes) and EU AI Act (controls/assessments) are not connected to risks. GRC teams want to see each of those sections linked to one or more risks.

Corresponding risk modal Figma design

Here is how to implement it:

ISO 42001 clauses:

• Add a new field right below “Add/remove evidence.”
• Label: Linked risks
• Button: "Add/remove risks"

When the button is clicked, the modal in Figma is shown to add a risk from the risks database. User can select/deselect risks here.

If/when user selects more than 1 risk, the risk name is written under "Linked risks".

ISO 42001 annexes:

Same approach, button and label. It will be placed under "Add/remove evidence".

EU AI Act controls:

TBD

EU AI Act assessments:

TBD

[gorkem-bwl]

I think there the backend implementation for this issue, as the closed PR links to the FE implementation. Shall I reopen this issue for the BE implementation @samuel-coutinho ?

[samuel-coutinho]

Yes. You are right @gorkem-bwl . It is missing the BE implementation.

[MuhammadKhalilzadeh]

The issue is reassigned, and now is for @Br0wnHammer

[gorkem-bwl]

In fact @HarshP4585 was on it :)