# Risk Definitions

**Risk Definitions** allow you to assign risk levels for different user activities across applications, email, file sharing, and data transfers. This setting gives your organisation the flexibility to define which activities are considered high or low risk based on your own security needs. By configuring these risk levels, your organisation can prioritise alerts and incidents based on severity, strengthen data protection by applying stricter controls where needed, and gain better visibility into user behaviour across systems.

The assigned risk levels are reflected in the Incident Risks dashboard, helping you quickly identify and respond to potential threats.

Each activity is assigned the following risk levels:

* **No Risk:** Considered safe and does not require monitoring.
* **Low:** Considered as having minimal impact and monitored with low priority.
* **Medium:** Considered as having a moderate impact and requires attention.
* **High:** Considered as having a critical impact and requires immediate action or a strict policy.
* **Highest**: Considered to have the most severe impact and poses a significant risk to the organisation. Requires immediate intervention, escalation, and the strictest policy enforcement.
* **Undefined**: No risk level is assigned to the activity.

## Configure Risk Levels

1. Navigate to ***INSIGHT > Risk Definition.***
2. Select the risk levels for each activity and click **Save**.<br>

   <figure><img src="/files/QKpxIgqagROCxW2Dyvj6" alt=""><figcaption></figcaption></figure>

## Risk Categories

User activities are classified according to category:

1. **SharePoint External**: External users accessing organisational data increases the risk of data leakage. Assigning risk levels helps monitor sensitive and uncontrolled access.&#x20;
2. **SharePoint Internal**: Internal users can unintentionally expose or misuse sensitive data. Assigning risk levels helps monitor and control internal data handling.&#x20;
3. **Email**: Email is a common channel for data exfiltration. Assigning risk levels helps prevent sensitive data from being shared outside the organisation.&#x20;
4. **Data Transfer using Non-Corporate Websites**: Uploading files to unapproved websites can lead to data exposure. Assigning risk levels helps prevent unauthorised data transfers.&#x20;
5. **File Uploads to Non-Corporate File Sharing Applications**: Third-party file-sharing applications may not meet organisational security standards, increasing the risk of data loss. Assigning risk levels helps prevent unauthorised data transfers.&#x20;
6. **Storage Device Risk:** Removable storage devices can be used to transfer sensitive data outside the organisation, increasing the risk of data leakage. Assigning risk levels helps control and monitor data movement through such devices.
7. **Printing Incidents:** Printing sensitive information can lead to data exposure and unauthorised access. Assigning risk levels helps monitor and restrict the printing of critical data.
8. **Keystroke Capture:** Captured keystrokes can include sensitive information such as passwords or confidential data, increasing security risks. Assigning risk levels helps detect and control potential data exposure.
9. **Copy Paste:** Copying and pasting data between applications can result in unintended data sharing or leakage. Assigning risk levels helps monitor and prevent unauthorised data transfer.
10. **Access of Documents on Local Devices:** Accessing documents on local devices can bypass organisational controls and increase the risk of data misuse. Assigning risk levels helps track and manage local data access.
11. **Usage of AI Tools:** Using AI tools can involve sharing sensitive organisational data with external platforms. Assigning risk levels helps control and monitor potential data exposure.
12. **Usage of Non-Corporate Websites:** Accessing non-corporate websites can expose data to untrusted platforms and increase security risks. Assigning risk levels helps restrict and monitor such usage.
13. **Usage of Non-Corporate Applications:** Non-corporate applications may not comply with organisational security standards, increasing the risk of data loss. Assigning risk levels helps control and monitor their usage.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.guardware.com/insight/settings/risk-definitions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.