---
title: "How do I configure Ketryx so that risks are automatically associated and prompt mitigation or reassessment when a requirement or test is updated?"
description: "When requirements or tests are updated, Ketryx can automatically trigger a risk impact assessment. By enabling “Require re-verification of affected items after change control” and configuring rules in Risk Management settings, linked risks are reopened and flagged for reassessment."
category: "Frequently Asked Questions"
section: "General"
keywords: ["requirement test", "risks automatically", "prompt", "affected", "updated", "associated", "change control", "trigger"]
source_url: "https://support.ketryx.com/hc/en-us/articles/38970797940621-How-do-I-configure-Ketryx-so-that-risks-are-automatically-associated-and-prompt-mitigation-or-reassessment-when-a-requirement-or-test-is-updated"
last_reviewed: 2026-06-11
---

# How do I configure Ketryx so that risks are automatically associated and prompt mitigation or reassessment when a requirement or test is updated?

> **In short:** When requirements or tests are updated, Ketryx can automatically trigger a risk impact assessment. By enabling “Require re-verification of affected items after change control” and configuring rules in Risk Management settings, linked risks are reopened and flagged for reassessment.

When requirements or tests are updated, Ketryx can automatically trigger a risk impact assessment. By enabling **“Require re-verification of affected items after change control”** and configuring rules in **Risk Management settings**, linked risks are reopened and flagged for reassessment. The traceability matrix ensures updates are tied to the right risks, prompting review or mitigation updates, with all activity logged for compliance.

### **1\.**[**Enable Re-Verification of Affected Items**](https://docs.ketryx.com/reference/advanced-settings)

- In **Project Settings**, activate **“Require re-verification of affected items after change control.”![](https://support.ketryx.com/hc/article_attachments/38970767790733)**
- When enabled, updating and closing a requirement or test will automatically reopen related items, including risks.
- These items are flagged for re-verification, prompting reassessment or mitigation.
- You can view affected items using the **“Re-verify affected items”** filter on the Items screen.![](https://support.ketryx.com/hc/article_attachments/38970797934989)

### **2\.**[**Configure Risk Management Settings**](https://docs.ketryx.com/manuals/man-08-risk-management)

- In **Advanced Settings → Risk Management**, you can:  - Define custom risk fields and matrices.
  - Enforce strict risk rules (e.g., requiring predefined hazards, harms, and severities).
  - Ensure requirement/test changes automatically trigger review of associated risks.![](https://support.ketryx.com/hc/article_attachments/38970797936269)

### **3\.**[**Ensure Traceability Configuration**](https://docs.ketryx.com/reference/advanced-settings#traceability-configuration)

- Verify that your traceability matrix links requirements and tests to risks.
- When a requirement or test is updated, Ketryx uses these links to identify impacted risks and prompt mitigation or reassessment.

- You can also configure advanced traceability options, including cross-project references.

### **4\. Workflow in Practice**

Once configured, when you update a requirement or test, Ketryx will:

- Identify linked risks through the traceability matrix.
- Reopen those risks (and other affected items) for review.
- Prompt you or the risk owner to reassess, update mitigation measures, or document justification.
- Track all changes in the audit log for compliance.

## Related articles

- [How does Ketryx manage vulnerabilities as opposed to product and patient related risks?](how-does-ketryx-manage-vulnerabilities-as-opposed-to-product-and-patient.md)
- [How can I filter and manage risks of different types?](how-can-i-filter-and-manage-risks-of-different-types.md)
- [How do I remove unrelated test cases from my requirements traceability matrix?](how-do-i-remove-unrelated-test-cases-from-my-requirements-traceability-matrix.md)
- [Can a System Requirement trace from a Risk, in addition to a parent User Need Requirement, especially when identified during a preliminary risk assessment?](can-a-system-requirement-trace-from-a-risk-in-addition-to-a-parent-user-need.md)
- [How are Change Requests approved in Ketryx—are tickets closed upon approval, and does this happen in the CR or test plan? Can we customize the process to support significance review with fields or workflows as needed?](how-are-change-requests-approved-in-ketryx-are-tickets-closed-upon-approval-and.md)
