# Assess risk > Assess risk - Identify potential risks to your Use Case, and then how you plan to address and > mitigate those risks using DataRobot risk management tools. This Markdown file sits beside the HTML page at the same path (with a `.md` suffix). It summarizes the topic and lists links for tools and LLM context. Companion generated at `2026-05-06T18:17:10.071464+00:00` (UTC). ## Primary page - [Assess risk](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/usecases/assess-risk.html): Full documentation for this topic (HTML). ## Sections on this page - [Add a risk assessment](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/usecases/assess-risk.html#add-a-risk-assessment): In-page section heading. - [Governance policy templates](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/usecases/assess-risk.html#governance-policy-templates): In-page section heading. - [Add a policy template](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/usecases/assess-risk.html#add-a-policy-template): In-page section heading. ## Related documentation - [NextGen UI documentation](https://docs.datarobot.com/en/docs/workbench/index.html): Linked from this page. - [Workbench](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/index.html): Linked from this page. - [Use Cases](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/usecases/index.html): Linked from this page. - [RBAC roles](https://docs.datarobot.com/en/docs/reference/misc-ref/rbac-ref.html): Linked from this page. ## Documentation content On the Risk tab, you can identify potential risks to the Use Case, and then determine how you plan to address and mitigate those risks using DataRobot risk management tools. Risk includes anything that may impact the Use Case, including legal, operational, IT security, strategic, bias and fairness, etc. Because risk is always changing, risk assessments need to be updated and/or created periodically. Each risk assessment is comprised of three main parts: - Identify: Identify potential risks for the Use Case. - Mitigate: Describe plans to mitigate those risks. - Govern: Provide evidence that mitigation measures have been implemented. Access to the Risk Management Framework is controlled by the [RBAC roles](https://docs.datarobot.com/en/docs/reference/misc-ref/rbac-ref.html) in DataRobot. The following table describes the different levels of access to the Risk Management Framework: | Permission | Description | | --- | --- | | Read | Users can access the Risk tab for viewing but they cannot create risk assessments. | | Write | Users can create risk assessments. There are no restrictions applied with write access aside from administrative permissions. | | Admin | Users can access all risk assessments that belong to the user's organization. For example, if a user has admin access to projects, they can view every risk assessment created within their organization and make edits to them. | | No Access | Users cannot access the Risk tab, create risk assessments, or gain access to any of the risk assessments. | To access the risk assessment and management tools, open a Use Case and go to the Use Case management tab. Then, click Risk. From here, you can: | | Element | Description | | --- | --- | --- | | (1) | Manage policy templates | Opens a modal where you can view and manage governance policy templates, as well as create new templates. | | (2) | + Add risk assessment | Creates a new risk assessment. | | (3) | Mark as primary risk assessment | Adds a star badge next to the title to indicate that it is the primary risk assessment. | | (4) | Edit | Opens the risk assessment in a new modal where you can make modifications. | | (5) | Delete risk assessment | Deletes the risk assessment. | ## Add a risk assessment To add a risk assessment: 1. Click+ Add risk assessment. 2. Select aGovernance policy templatefrom the dropdown. After making a selection, the template is displayed. Follow the link directly below the governance policy template to assess your risk level. Requirements, and therefore what you will need to mitigate, will differ based on your risk level. If you are using a custom template, refer to your organization's policies. 3. Select the appropriateRisk levelfrom the dropdown. 4. In theRisk descriptionsection, describe potential risks for the Use Case and estimate the probability of those risks occurring. In this example, an insurance organization is describing risk of bias in models used for decision-making. 5. In theRisk management plansection, describe how you plan to address and mitigate the risks identified in the previous section. In this example, the insurance organization describes how it plans to identify and mitigate bias at various stages of the model lifecycle through bias detection capabilities and compliance documentation. 6. In theEvidencesection, provide evidence that the risk mitigation plan has been implemented. In this example, the insurance organization includes a link to the compliance documentation mentioned in the previous section as well as the model's deployment report. 7. When you're done, clickAddin the upper-right corner. ## Governance policy templates Governance policy templates serve as an outline for risk assessments and are available from a dropdown when you choose to [add a risk assessment](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/usecases/assess-risk.html#add-a-risk-assessment). You can create custom templates based on your organization's security policies to help guide users who create risk assessments in the future. To access your organization's governance policy templates, click Manage policy templates. This opens the Manage governance policy templates modal. From here, you can: | | Element | Description | | --- | --- | --- | | (1) | + Create template | Creates a new governance policy template. | | (2) | Available templates | Lists all available—both custom and default—governance policy templates for your organization. | | (3) | Current template | Displays the governance policy that is currently selected. | | (4) | Delete/Edit | Allows you to delete or edit the template. Note that you can only modify templates that you have owner or edit access to. Default templates cannot be modified. | ### Add a policy template When you add a [risk assessment](https://docs.datarobot.com/en/docs/workbench/nxt-workbench/usecases/assess-risk.html#add-a-risk-assessment), you must first choose a governance policy template that serves as an outline for the content to be included. These templates can reflect your organization's governance policies and guide users when creating future risk assessments. To create a custom governance policy template: 1. Click+ Create policy template. 2. Fill in the following fields: FieldDescription1NameEnter a descriptive name for the governance policy template.2Risk levelsAdd the risk levels associated with this template. To add a risk level, click+ Add level. In this example, there are three levels: Minimal, Medium, and High.3Risk descriptionOptional. Enter a risk description, for example, any helpful links or information that you want displayed to users when creating future risk assessments. 3. When you're done, clickCreate template.