Automated risk assessment module with real-time compliance monitoring

What is claimed is: 1. A method comprising: performing, with processing hardware of a computing system, operations comprising: establishing a session between a server computing system and a client computing system; providing, via the session, an objective identification interface to the client computing system; accessing first mapping data that links (a) a set of objectives identified via input to the objective identification interface with (b) a set of risks associated with operations using the client computing system; accessing second mapping data that links the set of risks with a set of control operations; associating, based on the first mapping data and the second mapping data, the set of risks and the set of control operations with the client computing system; determining that a first software configuration and a second software configuration have been implemented, wherein the first software configuration and the second software configuration respectively monitor a first state and a second state of data applicable to the set of control operations; performing a risk assessment operation that comprises determining that the first state of the data tracked via the first software configuration indicates an update within a specified time period and that the second state of the data tracked via the second software configuration indicates no updates within the specified time period; and providing, via the session and based on the risk assessment operation, a risk assessment interface comprising (a) indications of mitigation of the set of risks and (b) interface elements configured for performing operations with respect to the client computing system that modify the mitigation of the set of risks. 2. The method of claim 1 , wherein: the server computing system includes a multi-tenant computing platform having a tenant authorized for use by the client computing system, and establishing the session includes the client computing system communicating with the server computing system via the tenant. 3. The method of claim 2 , wherein associating the set of risks and the set of control operations includes: (1) providing a confirmation menu to the client computing system that includes interface elements configured for instructing that mitigation of the set of risks should occur, (2) receiving instructions to mitigate the set of risks via the confirmation menu, and (3) updating, in the tenant of the client computing system, a project data object to include the set of risks, the set of control operations, and evidence task objects for storing data applicable to the set of control operations. 4. The method of claim 1 , wherein determining that the first software configuration and the second software configuration have been implemented comprises determining that a first integration with third-party software and a second integration with the third-party software have been configured to retrieve the data applicable to the set of control operations. 5. The method of claim 4 , wherein determining that at least one of the first integration or the second integration is configured includes: identifying, in a tenant authorized for use by the client computing system, a computer-executable program or script specifying a data source within the client computing system and a destination accessible via the tenant, and determining that the computer-executable program or script is associated with at least one evidence task object for storing data applicable to the set of control operations. 6. The method of claim 4 , wherein performing the risk assessment operation further comprises determining that: (a) the first integration has been used to retrieve the data within the specified time period, and (b) no data has been retrieved using the second integration within the specified time period. 7. The method of claim 6 , wherein determining that the first integration has been used to retrieve the data within the specified time period and that no data has been retrieved using the second integration with the specified time period comprises: determining that a first evidence task object associated with the first integration has been updated within the specified time period, and determining that a second evidence task object associated with the second integration has not been updated within the specified time period. 8. The method of claim 1 , wherein the interface elements include: a first interface element configured to update the risk assessment interface with data from an evidence data object, and a second interface element configured to execute an integration associated with the evidence data object. 9. A computing system comprising: processing hardware; and a non-transitory computer-readable medium communicatively coupled to the processing hardware, wherein the processing hardware is configured for executing instructions stored in the non-transitory computer-readable medium and thereby performing operations comprising: providing a multi-tenant computing platform having a tenant authorized for use by a client computing system; providing, via the tenant, an objective identification interface to the client computing system; identifying, based on input to the objective identification interface, a set of risks associated with operations using the client computing system; determining that a first software configuration and a second software configuration have been implemented, wherein the first software configuration and the second software configuration respectively monitor a first state and a second state of data applicable to a set of control operations associated with the set of risks; performing a risk assessment operation that comprises determining that the first state of the data tracked via the first software configuration indicates an update within a specified time period and that the second state of the data tracked via the second software configuration indicates no updates within the specified time period; and providing, via the tenant, a risk assessment interface comprising (a) indications of mitigation of the set of risks and (b) interface elements configured for performing operations with respect to the client computing system that modify the mitigation of the set of risks. 10. The computing system of claim 9 , wherein the operations further comprise: (1) providing a confirmation menu to the client computing system that includes interface elements configured for instructing that mitigation of the set of risks should occur, (2) receiving instructions to mitigate the set of risks via the confirmation menu, and (3) updating, in the tenant of the client computing system, a project data object to include the set of risks, the set of control operations, and evidence task objects for storing data applicable to the set of control operations. 11. The computing system of claim 10 , wherein determining that the first software configuration and the second software configuration have been implemented comprises determining that a first integration with third-party software and a second integration with the third-party software have been configured to retrieve the data applicable to the set of control operations. 12. The computing system of claim 11 , wherein determining that at least one of the first integration or the second integration is configured includes: identifying, in the tenant, a computer-executable program or script specifying a data source within the client computing system and a destination accessible via the tenant, and determining that the computer-executable program or script is associated with at least one of the evidence task objects.