If the Risk thresholds in the Risk Criteria Matrix do not align with company needs, what should be done?

When the Risk thresholds in the Risk Criteria Matrix do not align with a company's needs, it is essential to configure the Risk Criteria within ServiceNow. This is because the Risk Criteria Matrix is designed to reflect the specific risk appetite and operational context of the organization. By adjusting the Risk Criteria settings, organizations can ensure that their risk assessments are accurately reflecting the levels of risk that are acceptable and relevant to their unique circumstances.

Configuring the Risk Criteria allows organizations to tailor their risk assessment processes, making them more effective and aligned with strategic goals. This step not only enhances the organization’s ability to manage and mitigate risks effectively but also supports better decision-making regarding risk-related issues.

Using default values or relying on their effectiveness under certain scenarios may lead to misalignment with the organization's actual risk management framework, which can result in inappropriate risk evaluations or a misrepresentation of the organization's risk landscape. Therefore, actively configuring the Risk Criteria allows for a customized approach that effectively meets the organization's specific needs and enhances its overall risk management capabilities.